Code Coverage |
||||||||||||||||
Lines |
Branches |
Paths |
Functions and Methods |
Classes and Traits |
||||||||||||
| Total | |
90.00% |
9 / 10 |
|
90.00% |
9 / 10 |
|
57.14% |
4 / 7 |
|
66.67% |
2 / 3 |
CRAP | |
0.00% |
0 / 1 |
| ActionVoter | |
90.00% |
9 / 10 |
|
90.00% |
9 / 10 |
|
57.14% |
4 / 7 |
|
66.67% |
2 / 3 |
8.83 | |
0.00% |
0 / 1 |
| __construct | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| supports | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| voteOnAttribute | |
87.50% |
7 / 8 |
|
87.50% |
7 / 8 |
|
40.00% |
2 / 5 |
|
0.00% |
0 / 1 |
7.46 | |||
| 1 | <?php |
| 2 | |
| 3 | namespace App\Security; |
| 4 | |
| 5 | use Symfony\Bundle\SecurityBundle\Security; |
| 6 | use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; |
| 7 | use Symfony\Component\Security\Core\Authorization\Voter\Voter; |
| 8 | |
| 9 | /** |
| 10 | * @extends Voter<string,mixed> |
| 11 | */ |
| 12 | class ActionVoter extends Voter |
| 13 | { |
| 14 | protected const array AUTHORIZED = [ |
| 15 | Action::HOMEPAGE => [Role::ALL], |
| 16 | Action::NAVBAR_ENVIRONNEMENT => [Role::ADMINISTRATEUR, Role::UTILISATEUR], |
| 17 | Action::ADMIN_PAGE => [Role::ADMINISTRATEUR], |
| 18 | Action::ADMIN_PARAMETER => [Role::ADMINISTRATEUR], |
| 19 | Action::ADMIN_PARAMETER_WRITE => [Role::ADMINISTRATEUR], |
| 20 | Action::ADMIN_MAIL_TEST => [Role::ADMINISTRATEUR], |
| 21 | Action::ADMIN_LOG => [Role::ADMINISTRATEUR], |
| 22 | ]; |
| 23 | /* |
| 24 | * @var Security |
| 25 | */ |
| 26 | private Security $security; |
| 27 | |
| 28 | public function __construct(Security $security) |
| 29 | { |
| 30 | $this->security = $security; |
| 31 | } |
| 32 | |
| 33 | /** |
| 34 | * Indicates whether an action (attribute) is handled by this voter. |
| 35 | */ |
| 36 | protected function supports(string $attribute, mixed $subject): bool |
| 37 | { |
| 38 | return in_array($attribute, Action::getActions(), true); |
| 39 | } |
| 40 | |
| 41 | /** |
| 42 | * Indicates whether the role grants the right to perform an action. |
| 43 | */ |
| 44 | protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool |
| 45 | { |
| 46 | $user = $token->getUser(); |
| 47 | |
| 48 | // the user must be logged in; if not, deny permission |
| 49 | if (!$user instanceof User) { |
| 50 | return false; |
| 51 | } |
| 52 | $authorized = self::AUTHORIZED[$attribute] ?? []; |
| 53 | foreach ($authorized as $authorization) { |
| 54 | if ($this->security->isGranted($authorization)) { |
| 55 | return true; |
| 56 | } |
| 57 | } |
| 58 | |
| 59 | return false; |
| 60 | } |
| 61 | } |