src/Voters/ClinicsVoter.php line 14

Open in your IDE?
  1. <?php
  3. namespace App\Voters;
  5. use App\Entity\Clinic\Clinic;
  6. use App\Entity\Clinic\PriceTier\PriceTier;
  7. use App\Entity\Organisation\Organisation;
  8. use App\Entity\Person\Admin;
  9. use App\Entity\Person\SuperClinicAdmin;
  10. use App\Entity\Person\User;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  12. use Symfony\Component\Security\Core\User\UserInterface;
  14. class ClinicsVoter extends OrganisationVoter
  15. {
  16.     const VIEW_EXTERNAL 'view_external';
  17.     const VIEW_CALENDAR 'view_calendar';
  18.     const VIEW_DAY_SHEET 'view_day_sheet';
  19.     const VIEW_DAY_SHEET_EDIT 'view_day_sheet_edit';
  20.     const DAY_SHEET_BY_TIER 'day_sheet_by_tier';
  21.     const CREATE_BOARD 'create_board';
  22.     const VIEW_STOCK 'view_stock';
  23.     const VIEW_STOCK_EDIT 'view_stock_edit';
  24.     const VIEW_EXTERNAL_INVOICE 'view_external_invoice';
  25.     const VIEW_CREATE_TEAM_MEMBER 'create_team_member';
  26.     const VIEW_NOTIFICATION 'notification';
  27.     const VIEW_NOTIFICATION_TWILIO 'notification_twilio';
  28.     const VIEW_PROSPECTS 'prospects';
  29.     const VIEW_WAITING_LIST 'waiting_list';
  30.     const VIEW_REPORT 'report';
  31.     const VIEW_LIBRARY 'library';
  32.     const REMOVE 'remove';
  33.     const ROOM 'room';
  34.     const EQUIPMENT 'equipment';
  35.     const ONLINE_BOOKING 'online_booking';
  37.     protected function supports($attribute$subject null)
  38.     {
  39.         return $subject instanceof Clinic && in_array(
  40.                 $attribute,
  41.                 [
  42.                     self::VIEW,
  43.                     self::CREATE,
  44.                     self::EDIT,
  45.                     self::VIEW_EXTERNAL,
  46.                     self::VIEW_STOCK,
  47.                     self::VIEW_STOCK_EDIT,
  48.                     self::VIEW_EXTERNAL_INVOICE,
  49.                     self::VIEW_CREATE_TEAM_MEMBER,
  50.                     self::VIEW_NOTIFICATION,
  51.                     self::VIEW_NOTIFICATION_TWILIO,
  52.                     self::VIEW_PROSPECTS,
  53.                     self::VIEW_WAITING_LIST,
  54.                     self::VIEW_REPORT,
  55.                     self::VIEW_LIBRARY,
  56.                     self::REMOVE,
  57.                     self::VIEW_DAY_SHEET,
  58.                     self::VIEW_DAY_SHEET_EDIT,
  59.                     self::CREATE_BOARD,
  60.                     self::VIEW_CALENDAR,
  61.                     self::ROOM,
  62.                     self::EQUIPMENT,
  63.                     self::DAY_SHEET_BY_TIER,
  64.                     self::ONLINE_BOOKING,
  65.                 ],
  66.                 true
  67.             );
  68.     }
  70.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  71.     {
  72.         $user $token->getUser();
  73.         /** @var Clinic $clinic */
  74.         $clinic $subject;
  76.         /** @var Organisation $organisation */
  77.         $organisation $clinic->getOrganisation();
  79.         if (!$user instanceof UserInterface) {
  80.             return false;
  81.         }
  83.         switch ($attribute) {
  84.             case self::VIEW:
  85.                 if ($user instanceof Admin) {
  86.                     return true;
  87.                 }
  89.                 if ($user instanceof SuperClinicAdmin) {
  90.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  91.                 }
  93.                 return $user->getClinic()->getId() === $clinic->getId();
  94.                 break;
  95.             case self::CREATE:
  96.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_STOCK])) {
  97.                     if ($clinic !== $user->getClinic() && ($user->isClinicAdmin() || $user->isClinicReceptionist())) {
  98.                         return false;
  99.                     }
  101.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  102.                 }
  103.                 break;
  104.             case self::VIEW_CREATE_TEAM_MEMBER:
  105.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_CREATE_USERS])) {
  106.                     if ($user instanceof Admin) {
  107.                         return true;
  108.                     }
  109.                     if ($user instanceof SuperClinicAdmin) {
  110.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  111.                     }
  113.                     return $user->getClinic()->getId() === $clinic->getId();
  114.                 }
  115.                 break;
  116.             case self::VIEW_PROSPECTS:
  117.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_LEAD_CAPTURE])) {
  118.                     if ($user instanceof Admin) {
  119.                         return false;
  120.                     }
  121.                     if ($user instanceof SuperClinicAdmin) {
  122.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  123.                     }
  125.                     return $user->getClinic()->getId() === $clinic->getId();
  126.                 }
  127.                 break;
  128.             case self::VIEW_WAITING_LIST:
  129.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_WAITING_LIST])) {
  130.                     if ($user instanceof Admin) {
  131.                         return false;
  132.                     }
  133.                     if ($user instanceof SuperClinicAdmin) {
  134.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  135.                     }
  137.                     return $user->getClinic()->getId() === $clinic->getId();
  138.                 }
  139.                 break;
  140.             case self::VIEW_REPORT:
  141.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_REPORTING])) {
  142.                     if ($user instanceof Admin) {
  143.                         return true;
  144.                     }
  145.                     if ($user instanceof SuperClinicAdmin) {
  146.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  147.                     }
  149.                     return $user->getClinic()->getId() === $clinic->getId();
  150.                 }
  151.                 break;
  152.             case self::VIEW_LIBRARY:
  153.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_LIBRARY])) {
  154.                     if ($user instanceof Admin) {
  155.                         return true;
  156.                     }
  157.                     if ($user instanceof SuperClinicAdmin) {
  158.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  159.                     }
  161.                     return $user->getClinic()->getId() === $clinic->getId();
  162.                 }
  163.                 break;
  164.             case self::EDIT:
  165.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_CLINIC_SETUP])) {
  166.                     if ($user instanceof Admin) {
  167.                         return true;
  168.                     }
  169.                     if ($user instanceof SuperClinicAdmin) {
  170.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  171.                     }
  173.                     return $user->getClinic()->getId() === $clinic->getId();
  174.                 }
  175.                 break;
  176.             case self::REMOVE:
  177.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_CLINIC_SETUP])) {
  178.                     if ($user instanceof Admin) {
  179.                         return true;
  180.                     }
  181.                     if ($user instanceof SuperClinicAdmin) {
  182.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  183.                     }
  185.                     return false;
  186.                 }
  187.                 break;
  188.             case self::VIEW_NOTIFICATION:
  189.                 if ($this->decisionManager->decide($token, [User::TYPE_SUPER_CLINIC_ADMINUser::ROLE_CLINIC_ADMIN])) {
  190.                     if ($user instanceof Admin) {
  191.                         return true;
  192.                     }
  193.                     if ($user instanceof SuperClinicAdmin) {
  194.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  195.                     }
  197.                     return $user->getClinic()->getId() === $clinic->getId();
  198.                 }
  199.                 break;
  200.             case self::VIEW_NOTIFICATION_TWILIO:
  201.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_CLINIC_SETUP])) {
  202.                     if ($user instanceof Admin) {
  203.                         return true;
  204.                     }
  205.                     if ($user instanceof SuperClinicAdmin) {
  206.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  207.                     }
  209.                     return $user->getClinic()->getId() === $clinic->getId();
  210.                 }
  211.                 break;
  212.             case self::VIEW_EXTERNAL:
  213.                 if ($user instanceof Admin) {
  214.                     return false;
  215.                 }
  217.                 if ($user instanceof SuperClinicAdmin) {
  218.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  219.                 }
  221.                 return $user->getClinic()->getId() === $clinic->getId();
  222.                 break;
  223.             case self::VIEW_CALENDAR:
  224.                 if ($user instanceof Admin) {
  225.                     return false;
  226.                 }
  228.                 if ($user instanceof SuperClinicAdmin) {
  229.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  230.                 }
  232.                 if ($user->isCoordinator()) {
  233.                     return false;
  234.                 }
  236.                 return $user->getClinic()->getId() === $clinic->getId();
  237.                 break;
  238.             case self::VIEW_DAY_SHEET:
  239.                 if ($user instanceof Admin) {
  240.                     return false;
  241.                 }
  243.                 if ($user instanceof SuperClinicAdmin) {
  244.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  245.                 }
  247.                 return ($this->decisionManager->decide($token, [User::ROLE_CLINIC_ADMINUser::ROLE_PRACTITIONERUser::ROLE_RECEPTIONISTUser::ROLE_BOOKERUser::ROLE_COORDINATOR]))
  248.                     && $user->getClinic()->getId() === $clinic->getId();
  249.                 break;
  250.             case self::VIEW_DAY_SHEET_EDIT:
  251.                 if ($user instanceof Admin) {
  252.                     return false;
  253.                 }
  255.                 if ($user instanceof SuperClinicAdmin) {
  256.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  257.                 }
  259.                 return ($this->decisionManager->decide($token, [User::ROLE_CLINIC_ADMINUser::ROLE_RECEPTIONISTUser::ROLE_BOOKERUser::ROLE_COORDINATOR]))
  260.                     && $user->getClinic()->getId() === $clinic->getId();
  261.                 break;
  262.             case self::VIEW_STOCK:
  263.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_STOCK])) {
  264.                     if ($user instanceof SuperClinicAdmin) {
  265.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  266.                     }
  268.                     return $user->getClinic()->getId() === $clinic->getId();
  269.                 }
  270.                 break;
  271.             case self::VIEW_STOCK_EDIT:
  272.                 if ($this->decisionManager->decide($token, [User::ROLE_SUB_STOCK])) {
  273.                     if ($user instanceof SuperClinicAdmin) {
  274.                         return parent::voteOnAttribute(self::VIEW$organisation$token);
  275.                     }
  277.                     if ($user->isBooker() || $user->isCoordinator()) {
  278.                         return false;
  279.                     }
  281.                     return $user->getClinic()->getId() === $clinic->getId();
  282.                 }
  283.                 break;
  284.             case self::VIEW_EXTERNAL_INVOICE:
  285.                 if ($user instanceof Admin) {
  286.                     return false;
  287.                 }
  289.                 if ($user instanceof SuperClinicAdmin) {
  290.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  291.                 }
  293.                 return ($this->decisionManager->decide($token, [User::ROLE_SUB_INVOICE])) && $user->getClinic()->getId() === $clinic->getId();
  294.                 break;
  295.             case self::CREATE_BOARD:
  296.                 if ($user instanceof Admin) {
  297.                     return false;
  298.                 }
  300.                 if ($user instanceof SuperClinicAdmin) {
  301.                     return parent::voteOnAttribute(self::VIEW$organisation$token);
  302.                 }
  304.                 return ($this->decisionManager->decide($token, [User::ROLE_CLINIC_ADMIN])) && $user->getClinic()->getId() === $clinic->getId();
  305.                 break;
  306.             case self::ROOM:
  307.                 if ($clinic->getPriceTier()->getType() !== PriceTier::TYPE_STARTER) {
  308.                     return true;
  309.                 }
  311.                 return false;
  312.                 break;
  313.             case self::EQUIPMENT:
  314.                 if ($clinic->getPriceTier()->getType() !== PriceTier::TYPE_STARTER) {
  315.                     return true;
  316.                 }
  318.                 return false;
  319.                 break;
  320.             case self::DAY_SHEET_BY_TIER:
  321.                 if ($clinic->getPriceTier()->getType() === PriceTier::TYPE_ENTERPRISE) {
  322.                     return true;
  323.                 }
  325.                 return false;
  326.                 break;
  327.             case self::ONLINE_BOOKING:
  328.                 if ($clinic->getPriceTier()->getType() !== PriceTier::TYPE_STARTER) {
  329.                     return true;
  330.                 }
  332.                 return false;
  333.                 break;
  334.         }
  336.         return false;
  337.     }
  338. }