<?php
namespace App\Security\Voter;
use App\Contracts\Campaign\CampaignAccess;
use App\Entity\Activity;
use App\Entity\Campaign;
use App\Entity\Manager;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
class CampaignVoter extends Voter
{
/** @var string */
public const UPDATE = 'update';
/** @var string */
public const DELETE = 'delete';
/** @var string */
public const REVIEW = 'review';
/** @var string */
public const PAYOUT = 'payout';
/** @var string */
public const BONUS = 'bonus';
/** @var string */
public const RENEW = 'renew';
/** @var string */
public const EDIT = 'edit';
/** @var string */
public const REVIEW_CREATORS = 'review_creators';
/** @var string[] */
private const LIST = [
self::UPDATE,
self::DELETE,
self::REVIEW,
self::PAYOUT,
self::BONUS,
self::RENEW,
self::EDIT,
self::REVIEW_CREATORS
];
protected function supports(string $attribute, $subject): bool
{
return in_array($attribute, self::LIST, true)
&& ($subject instanceof Campaign || $subject instanceof Activity);
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$user = $token->getUser();
if (!$user instanceof User) {
return false;
}
if ($user instanceof Manager) {
$user = $user->getSponsor();
}
if ($user->hasFullPermission()) {
return true;
}
/** @var Activity|Campaign $subject */
$compareUser = match (true) {
$subject instanceof Activity => $subject->getCampaign()->getSponsor(),
$subject instanceof Campaign => $subject->getSponsor(),
};
return match ($attribute) {
static::DELETE => $user === $compareUser && $subject->isDraft(),
static::PAYOUT => $user === $compareUser && $subject->isCompleted() && $subject->isNeedPayments(),
static::BONUS => $user === $compareUser && !$subject->isSetPersonalBonus() && $subject->getCampaign()->hasAccess(CampaignAccess::GRANT_CREATOR_BONUS),
static::RENEW => $user === $compareUser && $subject->isCompleted(),
static::EDIT => $user === $compareUser && $subject->isDraft(),
static::REVIEW_CREATORS => $user === $compareUser && $subject->hasAccess(CampaignAccess::APPROVE_CREATORS),
default => $user === $compareUser,
};
}
}