|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* @file |
|
4
|
|
|
*/ |
|
5
|
|
|
|
|
6
|
|
|
namespace CultuurNet\UDB3\Offer; |
|
7
|
|
|
|
|
8
|
|
|
use CultuurNet\SymfonySecurityOAuthUitid\User; |
|
9
|
|
|
use CultuurNet\UDB3\Offer\ReadModel\Permission\PermissionQueryInterface; |
|
10
|
|
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; |
|
11
|
|
|
use ValueObjects\String\String; |
|
12
|
|
|
|
|
13
|
|
|
class Security implements SecurityInterface |
|
14
|
|
|
{ |
|
15
|
|
|
/** |
|
16
|
|
|
* @var PermissionQueryInterface |
|
17
|
|
|
*/ |
|
18
|
|
|
private $permissionRepository; |
|
19
|
|
|
|
|
20
|
|
|
/** |
|
21
|
|
|
* @var TokenStorageInterface |
|
22
|
|
|
*/ |
|
23
|
|
|
private $tokenStorage; |
|
24
|
|
|
|
|
25
|
|
|
public function __construct( |
|
26
|
|
|
TokenStorageInterface $tokenStorage, |
|
27
|
|
|
PermissionQueryInterface $permissionRepository |
|
28
|
|
|
) { |
|
29
|
|
|
$this->tokenStorage = $tokenStorage; |
|
30
|
|
|
$this->permissionRepository = $permissionRepository; |
|
31
|
|
|
} |
|
32
|
|
|
|
|
33
|
|
|
/** |
|
34
|
|
|
* @inheritdoc |
|
35
|
|
|
*/ |
|
36
|
|
|
public function allowsUpdateWithCdbXml(String $offerId) |
|
37
|
|
|
{ |
|
38
|
|
|
return $this->currentUiTIDUserCanEditOffer($offerId); |
|
39
|
|
|
} |
|
40
|
|
|
|
|
41
|
|
|
/** |
|
42
|
|
|
* @inheritdoc |
|
43
|
|
|
*/ |
|
44
|
|
|
public function allowsUpdates(String $offerId) |
|
45
|
|
|
{ |
|
46
|
|
|
return $this->currentUiTIDUserCanEditOffer($offerId); |
|
47
|
|
|
} |
|
48
|
|
|
|
|
49
|
|
|
/** |
|
50
|
|
|
* @param String $offerId |
|
51
|
|
|
* @return bool |
|
52
|
|
|
*/ |
|
53
|
|
|
private function currentUiTIDUserCanEditOffer(String $offerId) |
|
54
|
|
|
{ |
|
55
|
|
|
$token = $this->tokenStorage->getToken(); |
|
56
|
|
|
|
|
57
|
|
|
if (!$token) { |
|
58
|
|
|
return false; |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
$user = $token->getUser(); |
|
62
|
|
|
|
|
63
|
|
|
if ($user instanceof User) { |
|
|
|
|
|
|
64
|
|
|
$userId = new String($user->getUid()); |
|
65
|
|
|
} else if ($user instanceof \CultuurNet\UiTIDProvider\User\User) { |
|
|
|
|
|
|
66
|
|
|
$userId = new String($user->id); |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
if (!isset($userId)) { |
|
70
|
|
|
return false; |
|
71
|
|
|
} |
|
72
|
|
|
|
|
73
|
|
|
$editableEvents = $this->permissionRepository->getEditableOffers( |
|
74
|
|
|
$userId |
|
75
|
|
|
); |
|
76
|
|
|
|
|
77
|
|
|
return in_array($offerId, $editableEvents); |
|
78
|
|
|
} |
|
79
|
|
|
} |
|
80
|
|
|
|
cultuurnet /
udb3-php
Loading history...
This error could be the result of:
1. Missing dependencies
PHP Analyzer uses your
composer.jsonfile (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects thecomposer.jsonto be in the root folder of your repository.Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the
requireorrequire-devsection?2. Missing use statement
PHP does not complain about undefined classes in
ìnstanceofchecks. For example, the following PHP code will work perfectly fine:If you have not tested against this specific condition, such errors might go unnoticed.