<?php
namespace App\Security\Voter;
use App\Entity\Composition\Composition;
use App\Entity\Package\PackageSongWriter;
use App\Entity\Profile\Profile;
use App\Entity\User\User;
use App\Enums\Constants;
use App\Enums\PackageSongwriterStatus;
use App\Repository\Package\PackageSongwriterRepository;
use App\Repository\Profile\ProfileRepository;
use App\Service\AuthenticationService;
use App\Service\CompositionService;
use App\Service\ProfileService;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
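/**
 * Authorization voter for the COMPOSITION_ACCESS, COMPOSITION_EDIT and
 * COMPOSITION_DELETE attributes on Composition subjects.
 *
 * Security notes for maintainers:
 *  - Anonymous tokens are denied before any profile lookup or service call.
 *  - When the CWR_ENVIROMENT variable equals 'local', the profile is pinned to a
 *    fixed fixture (urlName "colita-telerin") and COMPOSITION_EDIT is granted to
 *    every authenticated user without ownership or subscription checks.
 *    NOTE(review): this switch is the only thing separating the bypass from
 *    deployed instances; confirm deployment config can never set it to 'local'.
 *  - ACCESS and EDIT throw BadRequestHttpException for subscription problems
 *    instead of returning a denial, so the exception leaves the voter.
 */
class CompositionVoter extends Voter
{
    private const COMPOSITION_ACCESS = 'COMPOSITION_ACCESS';
    private const COMPOSITION_EDIT = 'COMPOSITION_EDIT';
    private const COMPOSITION_DELETE = 'COMPOSITION_DELETE';

    /** @var CompositionService */
    private $compositionService;

    /** @var ProfileService */
    private $profileService;

    /** @var AuthenticationService */
    private $authenticationService;

    /** @var ProfileRepository */
    private $profileRepository;

    public function __construct(
        CompositionService $compositionService,
        ProfileService $profileService,
        AuthenticationService $authenticationService,
        ProfileRepository $profileRepository
    ) {
        $this->compositionService = $compositionService;
        $this->profileService = $profileService;
        $this->authenticationService = $authenticationService;
        $this->profileRepository = $profileRepository;
    }

    /**
     * Only the three composition attributes on a Composition subject are handled.
     *
     * @param mixed $attribute
     * @param mixed $subject
     *
     * @return bool
     */
    protected function supports($attribute, $subject)
    {
        return in_array($attribute, [
            self::COMPOSITION_ACCESS,
            self::COMPOSITION_EDIT,
            self::COMPOSITION_DELETE,
        ], true) && $subject instanceof Composition;
    }

    /**
     * @param mixed          $attribute One of the COMPOSITION_* constants.
     * @param mixed          $subject   A Composition (guaranteed by supports()).
     * @param TokenInterface $token
     *
     * @return bool
     *
     * @throws BadRequestHttpException When the profile's subscription is inactive or missing
     *                                 (COMPOSITION_ACCESS and COMPOSITION_EDIT only).
     */
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
    {
        /** @var User $user */
        $user = $token->getUser();

        // Deny anonymous callers first, so no profile lookup or service call
        // runs on behalf of an unauthenticated request.
        if (!$user instanceof UserInterface) {
            return false;
        }

        $isLocal = $this->isLocalEnvironment();
        $profile = $this->resolveProfile($isLocal);

        // A service-admin shortcut (userIsMmpzServiceAdmin) was disabled here;
        // admins go through the same checks as every other user.

        switch ($attribute) {
            case self::COMPOSITION_ACCESS:
                $this->assertProfileSubscriptionIsUsable($profile);

                return (bool) $this->compositionService->userCanAccessComposition($user, $subject);

            case self::COMPOSITION_EDIT:
                // Development-only bypass: skips ownership and subscription checks.
                if ($isLocal) {
                    return true;
                }
                $this->assertProfileSubscriptionIsUsable($profile);

                return (bool) $this->compositionService->userCanEditComposition($user, $subject);

            case self::COMPOSITION_DELETE:
                // NOTE(review): delete is not gated on subscription state, unlike
                // access and edit - confirm that is intended.
                return $this->compositionService->userCanDeleteComposition($user, $subject);
        }

        // Unknown attribute: fail closed.
        return false;
    }

    /**
     * True only when CWR_ENVIROMENT is set and equals 'local'.
     * A missing variable is treated as "not local" so the bypass fails closed.
     *
     * @return bool
     */
    private function isLocalEnvironment()
    {
        return ($_ENV['CWR_ENVIROMENT'] ?? null) === 'local';
    }

    /**
     * Picks the profile whose subscription state is evaluated.
     *
     * @param bool $isLocal Result of isLocalEnvironment().
     *
     * @return Profile|null NOTE(review): both lookups look like they can return
     *                      null; confirm the ProfileService checks tolerate that.
     */
    private function resolveProfile($isLocal)
    {
        if ($isLocal) {
            // Fixed fixture profile used for local development.
            return $this->profileRepository->findOneBy(['urlName' => "colita-telerin"]);
        }

        // Uses the AuthenticationService user rather than the token user.
        // NOTE(review): presumably the same principal - verify.
        return $this->profileService->findLastAccessedProfileForUser(
            $this->authenticationService->getUser()
        );
    }

    /**
     * Shared subscription gate for ACCESS and EDIT: the inactive check runs
     * first, then the active-package check. Returning normally means the
     * profile has an active package and no inactive subscription.
     *
     * @param Profile|null $profile
     *
     * @throws BadRequestHttpException
     */
    private function assertProfileSubscriptionIsUsable($profile)
    {
        if ($this->profileService->profielHasInactivePacakgeSubcription($profile)) {
            throw new BadRequestHttpException("The status of your subscription is currently Inactive. This means we have not yet received payment and you will not be able to upload any songs. Please contact publishing@horusmusic.global to discuss this and request an invoice to make a direct payment.");
        }

        if (!$this->profileService->profielHasActivePacakgeSubcription($profile)) {
            throw new BadRequestHttpException("This profile doesn't have a package or subscription active");
        }
    }
}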