vendor/pimcore/portal-engine/src/Service/Security/Voter/DataPoolVersionHistoryVoter.php line 29

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under following license:
  7.  * - Pimcore Commercial License (PCL)
  8.  *
  9.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  10.  *  @license    http://www.pimcore.org/license     PCL
  11.  */
  13. namespace Pimcore\Bundle\PortalEngineBundle\Service\Security\Voter;
  15. use Pimcore\Bundle\PortalEngineBundle\Enum\Permission;
  16. use Pimcore\Bundle\PortalEngineBundle\Event\Permission\DataPoolVersionHistoryEvent;
  17. use Pimcore\Bundle\PortalEngineBundle\Model\DataObject\PortalUserInterface;
  18. use Pimcore\Bundle\PortalEngineBundle\Service\DataPool\DataPoolConfigService;
  19. use Pimcore\Bundle\PortalEngineBundle\Service\DataPool\DataPoolService;
  20. use Pimcore\Bundle\PortalEngineBundle\Service\PortalConfig\PortalConfigService;
  21. use Pimcore\Bundle\PortalEngineBundle\Service\Security\PermissionService;
  22. use Pimcore\Bundle\PortalEngineBundle\Service\Security\Traits\SecurityServiceAware;
  23. use Pimcore\Model\Element\ElementInterface;
  24. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  25. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  26. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  27. use Symfony\Component\Security\Core\Security;
  29. class DataPoolVersionHistoryVoter extends Voter
  30. {
  31.     use SecurityServiceAware;
  33.     /**
  34.      * @var PortalConfigService
  35.      */
  36.     protected $portalConfigService;
  38.     /**
  39.      * @var DataPoolConfigService
  40.      */
  41.     protected $dataPoolConfigService;
  43.     /**
  44.      * @var DataPoolService
  45.      */
  46.     protected $dataPoolService;
  48.     /**
  49.      * @var Security
  50.      */
  51.     protected $security;
  53.     /**
  54.      * @var PermissionService
  55.      */
  56.     protected $permissionService;
  58.     /**
  59.      * @var EventDispatcherInterface
  60.      */
  61.     protected $eventDispatcher;
  63.     /**
  64.      * DataPoolVersionHistoryVoter constructor.
  65.      *
  66.      * @param PortalConfigService $portalConfigService
  67.      * @param DataPoolConfigService $dataPoolConfigService
  68.      * @param Security $security
  69.      * @param DataPoolService $dataPoolService
  70.      * @param PermissionService $permissionService
  71.      * @param EventDispatcherInterface $eventDispatcher
  72.      */
  73.     public function __construct(PortalConfigService $portalConfigServiceDataPoolConfigService $dataPoolConfigServiceSecurity $securityDataPoolService $dataPoolServicePermissionService $permissionServiceEventDispatcherInterface $eventDispatcher)
  74.     {
  75.         $this->portalConfigService $portalConfigService;
  76.         $this->dataPoolConfigService $dataPoolConfigService;
  77.         $this->dataPoolService $dataPoolService;
  78.         $this->security $security;
  79.         $this->permissionService $permissionService;
  80.         $this->eventDispatcher $eventDispatcher;
  81.     }
  83.     protected function supports($attribute$subject)
  84.     {
  85.         return $this->portalConfigService->isPortalEngineSite()
  86.                && $attribute === Permission::VERSION_HISTORY;
  87.     }
  89.     /**
  90.      * @param string $attribute
  91.      * @param ElementInterface $subject
  92.      * @param TokenInterface $token
  93.      *
  94.      * @return bool
  95.      */
  96.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  97.     {
  98.         $allowed true;
  99.         if (!$this->security->isGranted(Permission::DATA_POOL_ACCESS)) {
  100.             $allowed false;
  101.         }
  103.         $dataPoolConfig $this->dataPoolConfigService->getCurrentDataPoolConfig();
  105.         if (!$dataPoolConfig->getEnableVersionHistory()) {
  106.             $allowed false;
  107.         }
  109.         if ($allowed) {
  110.             /**
  111.              * @var PortalUserInterface $user
  112.              */
  113.             $user $this->securityService->getPortalUser();
  114.             $allowed $this->permissionService->isAllowed($userPermission::VERSION_HISTORY Permission::PERMISSION_DELIMITER $dataPoolConfig->getId());
  115.         }
  117.         $event = new DataPoolVersionHistoryEvent($allowed$dataPoolConfig->getId(), $this->securityService->getPortalUser());
  118.         $this->eventDispatcher->dispatch($event);
  120.         return $event->isAllowed();
  121.     }
  122. }