src/Invoice/Security/InvoiceVoter.php line 30

  1. <?php
  3. declare(strict_types=1);
  4. /**
  5.  * Copyright (c) 2019 TECLA Consulting Group oü.
  6.  * All rights reserved.
  7.  *
  8.  * This unpublished material is proprietary to TECLA Consulting Group oü.
  9.  * All rights reserved. The methods and
  10.  * techniques described herein are considered trade secrets
  11.  * and/or confidential. Reproduction or distribution, in whole
  12.  * or in part, is forbidden except by express written permission
  13.  * of TECLA Consulting Group oü.
  14.  *
  15.  * @author    Matúš Sýkorjak <matus@tecla.no>
  16.  * @copyright 2019 TECLA Consulting Group oü
  17.  */
  19. namespace App\Invoice\Security;
  21. use App\Contact\Model\ContactInterface;
  22. use App\Contact\Security\ContactContextInterface;
  23. use App\Invoice\Enum\InvoiceStatus;
  24. use App\Invoice\Enum\InvoiceType;
  25. use App\Invoice\Model\InvoiceInterface;
  26. use LogicException;
  27. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  28. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  30. final class InvoiceVoter extends Voter
  31. {
  32.     public const CREATE_INVOICE 'invoice.create_invoice';
  33.     public const CREATE_CREDIT_NOTE 'invoice_create_credit_note';
  34.     public const CREATE_PAYMENT 'invoice_create_payment';
  35.     public const CREATE_REPEAT_RULE 'invoice.create_repeat_rule';
  36.     public const VIEW 'invoice_view';
  37.     public const EXPORT 'invoice_export';
  38.     public const COPY 'invoice_copy';
  39.     public const SEND 'invoice_send';
  41.     public const SUPPORTED_ATTRIBUTES = [
  42.         self::CREATE_INVOICE,
  43.         self::CREATE_PAYMENT,
  44.         self::CREATE_CREDIT_NOTE,
  45.         self::VIEW,
  46.         self::COPY,
  47.         self::EXPORT,
  48.         self::SEND,
  49.         self::CREATE_REPEAT_RULE,
  50.     ];
  52.     private ContactContextInterface $contactContext;
  54.     public function __construct(ContactContextInterface $contactContext)
  55.     {
  56.         $this->contactContext $contactContext;
  57.     }
  59.     protected function supports($attribute$subject): bool
  60.     {
  61.         if (true === \in_array($attributeself::SUPPORTED_ATTRIBUTEStrue)) {
  62.             return null === $subject || true === $subject instanceof InvoiceInterface;
  63.         }
  65.         return false;
  66.     }
  68.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  69.     {
  70.         switch ($attribute) {
  71.             case self::CREATE_INVOICE:
  72.                 return $this->canCreateInvoice();
  74.             case self::CREATE_PAYMENT:
  75.                 return $this->canCreatePayment($subject);
  77.             case self::CREATE_CREDIT_NOTE:
  78.                 return $this->canCreateCreditNote($subject);
  80.             case self::VIEW:
  81.             case self::EXPORT:
  82.                 return $this->canAccessInvoice($subject);
  84.             case self::COPY:
  85.                 return $this->canCopyInvoice($subject);
  87.             case self::SEND:
  88.                 return $this->canSendInvoice($subject);
  90.             case self::CREATE_REPEAT_RULE:
  91.                 return $this->canRepeatInvoice($subject);
  92.         }
  94.         throw new LogicException('This code should not be reached!');
  95.     }
  97.     private function canCreateInvoice(): bool
  98.     {
  99.         $currentContext $this->contactContext->getCurrent();
  101.         if (null === $currentContext) {
  102.             return false;
  103.         }
  105.         if (ContactInterface::TYPE_COMPANY !== $currentContext->getType()) {
  106.             return false;
  107.         }
  109.         return true;
  110.     }
  112.     private function canViewInvoice(?InvoiceInterface $invoice): bool
  113.     {
  114.         if (null === $invoice) {
  115.             return false;
  116.         }
  118.         $currentContext $this->contactContext->getCurrent();
  120.         return null !== $currentContext && $invoice->getSupplier() === $currentContext;
  121.     }
  123.     private function canAccessInvoice(?InvoiceInterface $invoice): bool
  124.     {
  125.         if (null === $invoice) {
  126.             return false;
  127.         }
  129.         $currentContext $this->contactContext->getCurrent();
  131.         return $this->canViewInvoice($invoice) || (null !== $currentContext && $invoice->getCustomer() === $currentContext);
  132.     }
  134.     private function canCreateCreditNote(?InvoiceInterface $invoice): bool
  135.     {
  136.         if (null === $invoice) {
  137.             return $this->canCreateInvoice();
  138.         }
  140.         if (false === $this->canViewInvoice($invoice)) {
  141.             return false;
  142.         }
  144.         if (false === InvoiceType::INVOICE()->equals($invoice->getType())) {
  145.             return false;
  146.         }
  148.         if (true === InvoiceStatus::CREDITED()->equals($invoice->getStatus())) {
  149.             return false;
  150.         }
  152.         return true;
  153.     }
  155.     private function canCopyInvoice(?InvoiceInterface $invoice): bool
  156.     {
  157.         if (false === $this->canViewInvoice($invoice) || null === $invoice) {
  158.             return false;
  159.         }
  161.         return InvoiceType::INVOICE()->equals($invoice->getType());
  162.     }
  164.     private function canSendInvoice(?InvoiceInterface $invoice): bool
  165.     {
  166.         if (null === $invoice) {
  167.             return false;
  168.         }
  170.         $currentContext $this->contactContext->getCurrent();
  172.         return null !== $currentContext && $invoice->getSupplier() === $currentContext;
  173.     }
  175.     private function canCreatePayment(?InvoiceInterface $invoice): bool
  176.     {
  177.         if (null === $invoice) {
  178.             return false;
  179.         }
  181.         $currentContext $this->contactContext->getCurrent();
  183.         return
  184.             null !== $currentContext &&
  185.             $invoice->getSupplier() === $currentContext &&
  186.             true === InvoiceType::INVOICE()->equals($invoice->getType()) &&
  187.             false === InvoiceStatus::PAID()->equals($invoice->getStatus()) &&
  188.             false === InvoiceStatus::CREDITED()->equals($invoice->getStatus());
  189.     }
  191.     private function canRepeatInvoice(?InvoiceInterface $invoice): bool
  192.     {
  193.         if (null === $invoice) {
  194.             return false;
  195.         }
  197.         if (false === InvoiceType::INVOICE()->equals($invoice->getType())) {
  198.             return false;
  199.         }
  201.         if (false === $this->isOwner($invoice)) {
  202.             return false;
  203.         }
  205.         return true;
  206.     }
  208.     private function isOwner(?InvoiceInterface $invoice): bool
  209.     {
  210.         if (null === $invoice) {
  211.             return false;
  212.         }
  214.         $currentContext $this->contactContext->getCurrent();
  216.         return null !== $currentContext && $invoice->getSupplier() === $currentContext;
  217.     }
  218. }