groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2026-01-15 06:39:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added voter reason explaination to the other voters

Browse source
This commit is contained in:
Jan Böhmer 2025-09-06 00:24:55 +02:00
parent 117ff4484d
commit eb4258053e
14 changed files with 65 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/Security/Voter/AttachmentVoter.php
View file

@ -41,6 +41,7 @@ use App\Entity\Attachments\UserAttachment;
use RuntimeException;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Vote;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use function in_array;
@ -56,7 +57,7 @@ final class AttachmentVoter extends Voter
{
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token, ?Vote $vote = null): bool
{
//This voter only works for attachments
@ -65,7 +66,8 @@ final class AttachmentVoter extends Voter
}
if ($attribute === 'show_private') {
return $this->helper->isGranted($token, 'attachments', 'show_private');
$vote?->addReason('User is not allowed to view private attachments.');
return $this->helper->isGranted($token, 'attachments', 'show_private', $vote);
}
@ -111,7 +113,8 @@ final class AttachmentVoter extends Voter
throw new RuntimeException('Encountered unknown Parameter type: ' . $subject);
}
return $this->helper->isGranted($token, $param, $this->mapOperation($attribute));
$vote?->addReason('User is not allowed to '.$this->mapOperation($attribute).' attachments of type '.$param.'.');
return $this->helper->isGranted($token, $param, $this->mapOperation($attribute), $vote);
}
return false;