Code Coverage for C:\xampp\htdocs\todolist_project_v13\src\Security\Voter\UserVoter.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	75.00% covered (warning)	75.00%	3 / 4	CRAP	90.48% covered (success)	90.48%	19 / 21
UserVoter	0.00% covered (danger)	0.00%	0 / 1	75.00% covered (warning)	75.00%	3 / 4	14.17	90.48% covered (success)	90.48%	19 / 21
__construct				100.00% covered (success)	100.00%	1 / 1	1	100.00% covered (success)	100.00%	2 / 2
supports				100.00% covered (success)	100.00%	1 / 1	3	100.00% covered (success)	100.00%	5 / 5
voteOnAttribute				0.00% covered (danger)	0.00%	0 / 1	4.18	77.78% covered (warning)	77.78%	7 / 9
checkAuthorization				100.00% covered (success)	100.00%	1 / 1	6	100.00% covered (success)	100.00%	5 / 5

1	<?php
2
3	namespace App\Security\Voter;
4
5	use App\Entity\Usertodo;
6	// use Symfony\Component\Security\Core\User\UserInterface;
7	use Symfony\Component\Security\Core\Authorization\Voter\Voter;
8	use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
9	use Symfony\Component\Security\Core\Security;
10
11	class UserVoter extends Voter
12	{
13	const UPDATE = 'update';
14
15	const DELETE = 'delete';
16
17	/**
18	* @var Security
19	*/
20	private $security;
21
22	public function __construct(Security $security)
23	{
24	$this->security = $security;
25	}
26
27	protected function supports($attribute, $subject): bool
28	{
29	// if the attribute isn't one we support, return false
30	if (!in_array($attribute, [self::UPDATE, self::DELETE])) {
31	return false;
32	}
33
34	// only vote on `Usertodo` objects
35	if (!$subject instanceof Usertodo) {
36	return false;
37	}
38
39	return true;
40	}
41
42	protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
43	{
44	$user = $token->getUser();
45
46	if (!$user instanceof Usertodo) {
47	// the user must be logged in; if not, deny access
48	return false;
49	}
50
51	// $subject is a Usertodo object
52	/** @var Usertodo $user */
53	$user = $subject;
54
55	switch ($attribute) {
56	case self::UPDATE:
57	// return $this->canUpdate($user);
58	return $this->checkAuthorization($user);
59	case self::DELETE:
60	// return $this->canDelete($user);
61	return $this->checkAuthorization($user);
62	}
63
64	throw new \LogicException('This code should not be reached!');
65	}
66
67	private function checkAuthorization(Usertodo $user)
68	{
69	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR OU UN MANAGER DE MODIFIER SON PROPRE COMPTE
70	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR DE MODIFIER LE COMPTE ANONYME
71	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR DE MODIFIER UN COMPTE SUPER ADMIN
72	if (($this->security->getUser()->getId() === $user->getId()) \|\|
73	(!$this->security->isGranted('ROLE_SUPER_ADMIN') && $user->getRole() === 'ROLE_ANONYMOUS') \|\|
74	(!$this->security->isGranted('ROLE_SUPER_ADMIN') && $user->getRole() === 'ROLE_SUPER_ADMIN'))
75	{
76	return false;
77	// throw new \Exception('Operation denied');
78
79	} else {
80
81	return true;
82
83	}
84
85	}
86
87	/* private function canUpdate(Usertodo $user)
88	{
89	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR OU UN MANAGER DE MODIFIER SON PROPRE COMPTE
90	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR DE MODIFIER LE COMPTE ANONYME
91	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR DE MODIFIER UN COMPTE SUPER ADMIN
92	if (($this->security->getUser()->getId() === $user->getId()) \|\|
93	(!$this->security->isGranted('ROLE_SUPER_ADMIN') && $user->getRole() === 'ROLE_ANONYMOUS') \|\|
94	(!$this->security->isGranted('ROLE_SUPER_ADMIN') && $user->getRole() === 'ROLE_SUPER_ADMIN'))
95	{
96	return false;
97	// throw new \Exception('Operation denied');
98
99	} else {
100
101	return true;
102
103	}
104
105	} */
106
107	/* private function canDelete(Usertodo $user)
108	{
109	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR OU UN MANAGER DE SUPPRIMER SON PROPRE COMPTE
110	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR DE SUPPRIMER LE COMPTE ANONYME
111	// AJOUTÉ POUR EMPÊCHER UN ADMINISTRATEUR DE SUPPRIMER UN COMPTE SUPER ADMIN
112	// if($this->security->getUser()->getId() === $user->getId())
113	if (($this->security->getUser()->getId() === $user->getId()) \|\|
114	(!$this->security->isGranted('ROLE_SUPER_ADMIN') && $user->getRole() === 'ROLE_ANONYMOUS') \|\|
115	(!$this->security->isGranted('ROLE_SUPER_ADMIN') && $user->getRole() === 'ROLE_SUPER_ADMIN'))
116	{
117	return false;
118	// throw new \Exception('Operation denied');
119
120	} else {
121
122	return true;
123
124	}
125
126	} */
127
128
129	}