src/Voters/ApiVoter.php line 15

1. <?php
3. namespace App\Voters;
5. use App\Entity\Clinic\Person\ClinicUser;
6. use App\Entity\Message\TableConversation;
7. use App\Entity\Message\UserConversation;
8. use App\Entity\Person\Patient;
9. use App\Entity\Person\SuperClinicAdmin;
10. use App\Entity\Person\User;
11. use Doctrine\Persistence\ManagerRegistry;
12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
13. use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
15. class ApiVoter extends AppVoter
16. {
17.     public const IPAD = 'ipad';
18.     public const IPAD_BY_PATIENT = 'ipad_by_patient';
19.     public const IPAD_LIMITED_ACCESS = 'ipad_limited_access';
20.     public const IPAD_LIMITED_ACCESS_CHAT = 'ipad_limited_access_chat';
21.     public const IPHONE = 'iphone';
23.     /**
24.      * @var ManagerRegistry
25.      */
26.     private $doctrine;
28.     public function __construct(AccessDecisionManagerInterface $decisionManager, ManagerRegistry $registry)
29.     {
30.         parent::__construct($decisionManager);
32.         $this->doctrine = $registry;
33.     }
35.     protected function supports($attribute, $subject)
36.     {
37.         return in_array($attribute,
38.             [
39.                 self::IPAD,
40.                 self::IPHONE,
41.                 self::IPAD_BY_PATIENT,
42.                 self::IPAD_LIMITED_ACCESS,
43.                 self::IPAD_LIMITED_ACCESS_CHAT
44.             ],
45.             true
46.         );
47.     }
49.     protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
50.     {
51.         /** @var ClinicUser|Patient|SuperClinicAdmin $user */
52.         $user = $token->getUser();
54.         if ($this->decisionManager->decide($token, [User::ROLE_PATIENT]) && self::IPHONE == $attribute) {
55.             return $user->getId() == $subject;
56.         }
58.         if ($this->decisionManager->decide($token, [User::ROLE_PRACTITIONER, User::ROLE_SCHEDULER, User::ROLE_SUPER_CLINIC_ADMIN])
59.             && in_array($attribute, [self::IPAD, self::IPHONE, self::IPAD_BY_PATIENT])) {
60.             if ($subject && in_array($attribute, [self::IPAD_BY_PATIENT, self::IPHONE])) {
61.                 /** @var Patient $patient */
62.                 $patient = $this->doctrine->getRepository(Patient::class)->find((int) $subject);
63.                 if ($user instanceof SuperClinicAdmin) {
64.                     $clinic = $user->getCurrentClinic();
65.                    
66.                 } else {
67.                     $clinic = $user->getClinic();
68.                 }
70.                 return $patient && ($clinic->getId() == $patient->getClinic()->getId() || $patient->getAllowedClinics()->contains($clinic));
71.             }
73.             return true;
74.         }
76.         if ($this->decisionManager->decide($token,
77.                 [
78.                     User::ROLE_PRACTITIONER,
79.                     User::ROLE_SCHEDULER,
80.                     User::ROLE_CLINIC_ADMIN,
81.                     User::ROLE_SUPER_CLINIC_ADMIN,
82.                     User::ROLE_RECEPTIONIST,
83.                     User::ROLE_BOOKER
84.                 ]
85.             )
86.                 && self::IPAD_LIMITED_ACCESS == $attribute) {
87.             if ($subject) {
88.                 /** @var Patient $patient */
89.                 $patient = $this->doctrine->getRepository(Patient::class)->find($subject);
91.                 if ($user instanceof SuperClinicAdmin) {
92.                     if ($user->getCurrentClinic()) {
93.                         return $patient && ($user->getCurrentClinic()->getId() == $patient->getClinic()->getId() || $patient->getAllowedClinics()->contains($user->getCurrentClinic()));
94.                     }
96.                     return false;
97.                 }
99.                 return $patient && ($user->getClinic()->getId() == $patient->getClinic()->getId() || $patient->getAllowedClinics()->contains($user->getClinic()));
100. //                return $patient && $user->getClinic()->getId() == $patient->getClinic()->getId();
101.             }
103.             return true;
104.         }
106.         if ($this->decisionManager->decide($token,
107.                 [
108.                     User::ROLE_PRACTITIONER,
109.                     User::ROLE_SCHEDULER,
110.                     User::ROLE_CLINIC_ADMIN,
111.                     User::ROLE_SUPER_CLINIC_ADMIN,
112.                     User::ROLE_RECEPTIONIST,
113.                     User::ROLE_BOOKER
114.                 ]
115.             )
116.             && self::IPAD_LIMITED_ACCESS_CHAT == $attribute) {
117.             if ($subject) {
118.                 /** @var TableConversation $conversation */
119.                 $conversation = $this->doctrine->getRepository(TableConversation::class)->find($subject);
121.                 return $conversation &&
122.                     $conversation->getUserConversations()->filter(function (UserConversation $userConversation) use ($user) {
123.                         return $userConversation->getUser()->getId() == $user->getId();
124.                     })->count() > 0;
125.             }
127.             return false;
128.         }
130.         return false;
131.     }
132. }