pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Add IsGranted to TagController

Browse Source
This commit is contained in:
Yassine Guedidi
2025-03-16 15:00:28 +01:00
parent 4a1598165f
commit 943bfd9162
13 changed files with 310 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Security/Voter/EntryVoter.php
View File

@ -20,6 +20,8 @@ class EntryVoter extends Voter
public const DELETE = 'DELETE';
public const LIST_ANNOTATIONS = 'LIST_ANNOTATIONS';
public const CREATE_ANNOTATIONS = 'CREATE_ANNOTATIONS';
public const TAG = 'TAG';
public const UNTAG = 'UNTAG';
protected function supports(string $attribute, $subject): bool
{
@ -27,7 +29,7 @@ class EntryVoter extends Voter
return false;
}
if (!\in_array($attribute, [self::VIEW, self::EDIT, self::RELOAD, self::STAR, self::ARCHIVE, self::SHARE, self::UNSHARE, self::EXPORT, self::DELETE, self::LIST_ANNOTATIONS, self::CREATE_ANNOTATIONS], true)) {
if (!\in_array($attribute, [self::VIEW, self::EDIT, self::RELOAD, self::STAR, self::ARCHIVE, self::SHARE, self::UNSHARE, self::EXPORT, self::DELETE, self::LIST_ANNOTATIONS, self::CREATE_ANNOTATIONS, self::TAG, self::UNTAG], true)) {
return false;
}
@ -56,6 +58,8 @@ class EntryVoter extends Voter
case self::DELETE:
case self::LIST_ANNOTATIONS:
case self::CREATE_ANNOTATIONS:
case self::TAG:
case self::UNTAG:
return $user === $subject->getUser();
}

6
src/Security/Voter/MainVoter.php
View File

@ -13,6 +13,8 @@ class MainVoter extends Voter
public const EDIT_ENTRIES = 'EDIT_ENTRIES';
public const EXPORT_ENTRIES = 'EXPORT_ENTRIES';
public const IMPORT_ENTRIES = 'IMPORT_ENTRIES';
public const LIST_TAGS = 'LIST_TAGS';
public const CREATE_TAGS = 'CREATE_TAGS';
public const LIST_SITE_CREDENTIALS = 'LIST_SITE_CREDENTIALS';
public const CREATE_SITE_CREDENTIALS = 'CREATE_SITE_CREDENTIALS';
public const EDIT_CONFIG = 'EDIT_CONFIG';
@ -30,7 +32,7 @@ class MainVoter extends Voter
return false;
}
if (!\in_array($attribute, [self::LIST_ENTRIES, self::CREATE_ENTRIES, self::EDIT_ENTRIES, self::EXPORT_ENTRIES, self::IMPORT_ENTRIES, self::LIST_SITE_CREDENTIALS, self::CREATE_SITE_CREDENTIALS, self::EDIT_CONFIG], true)) {
if (!\in_array($attribute, [self::LIST_ENTRIES, self::CREATE_ENTRIES, self::EDIT_ENTRIES, self::EXPORT_ENTRIES, self::IMPORT_ENTRIES, self::LIST_TAGS, self::CREATE_TAGS, self::LIST_SITE_CREDENTIALS, self::CREATE_SITE_CREDENTIALS, self::EDIT_CONFIG], true)) {
return false;
}
@ -45,6 +47,8 @@ class MainVoter extends Voter
case self::EDIT_ENTRIES:
case self::EXPORT_ENTRIES:
case self::IMPORT_ENTRIES:
case self::LIST_TAGS:
case self::CREATE_TAGS:
case self::LIST_SITE_CREDENTIALS:
case self::CREATE_SITE_CREDENTIALS:
case self::EDIT_CONFIG:

54
src/Security/Voter/TagVoter.php Normal file
View File

@ -0,0 +1,54 @@
<?php
namespace Wallabag\Security\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
use Wallabag\Entity\Tag;
use Wallabag\Entity\User;
class TagVoter extends Voter
{
public const VIEW = 'VIEW';
public const EDIT = 'EDIT';
public const DELETE = 'DELETE';
public function __construct(
private Security $security,
) {
}
protected function supports(string $attribute, $subject): bool
{
if (!$subject instanceof Tag) {
return false;
}
if (!\in_array($attribute, [self::VIEW, self::EDIT, self::DELETE], true)) {
return false;
}
return true;
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
\assert($subject instanceof Tag);
$user = $token->getUser();
if (!$user instanceof User) {
return false;
}
switch ($attribute) {
case self::VIEW:
case self::EDIT:
case self::DELETE:
return $this->security->isGranted('ROLE_USER');
}
return false;
}
}