From e5f09bd8cce617a4178b31075a0020ce01486223 Mon Sep 17 00:00:00 2001
From: Ryan Prather
Date: Fri, 24 Jan 2025 10:35:46 -0500
Subject: [PATCH] upd: Libs Permissions checking

* Add checkPermissions method to check the permissions of the user to the case to make sure they have permissions to add or edit.

---
 src/Libs/Libs.php | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/src/Libs/Libs.php b/src/Libs/Libs.php
index 3494af5..032095b 100644
--- a/src/Libs/Libs.php
+++ b/src/Libs/Libs.php
@@ -3,8 +3,11 @@ namespace App\Libs;
 use App\Entity\Location;
+use App\Entity\MemberCase;
 use App\Entity\Messages;
+use App\Entity\Supervision;
 use App\Entity\User;
+use App\Entity\UserCase;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Response;
@@ -108,4 +111,41 @@ class Libs extends AbstractController
         return $msgs;
     }
+
+    /**
+     * Checks if the user has permission to access a case.
+     *
+     * @param User $user
+     * @param MemberCase $case
+     * @param EntityManagerInterface $em
+     *
+     * @return bool
+     */
+    public static function checkPermissions(User $user, MemberCase $case, EntityManagerInterface $em): bool
+    {
+        // if user is an admin, allow the action
+        if (in_array('ROLE_ADMIN', $user->getRoles())) {
+            return true;
+        }
+
+        // if user is assigned to this case, allow the action
+        $uc = $em->getRepository(UserCase::class)->findOneBy(['user' => $user, 'memberCase' => $case]);
+        if ($uc) {
+            return true;
+        }
+
+        // get user of the case and check if user is a supervisor of the worker
+        /** @var ?UserCase $uc */
+        $uc = $em->getRepository(UserCase::class)->findOneBy(['memberCase' => $case]);
+        if ($uc) {
+            $sup = $em->getRepository(Supervision::class)->findOneBy(['supervisor' => $user, 'worker' => $uc->getUser()]);
+
+            if ($sup) {
+                return true;
+            }
+        }
+
+        // user does not have permissions to the case
+        return false;
+    }
 }
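Review bot: The supervisor branch of `checkPermissions` only inspects whichever `UserCase` row `findOneBy(['memberCase' => $case])` happens to return first, so on a case with more than one assigned worker a supervisor of any other worker is denied, and the outcome depends on unspecified row order rather than on who is actually assigned. Iterating over every assignment with `findBy` closes that gap; the rewritten branch is in the fence below. Two smaller points in the same method: `in_array('ROLE_ADMIN', $user->getRoles())` should pass `strict: true`, and because it reads the raw role list instead of going through `isGranted()`, any role hierarchy the project may configure is bypassed, which is worth documenting or changing. The docblock also says "access" while the commit message says "add or edit"; since one check gates both, a comment such as `// grants the same access for viewing and editing; callers needing finer control must check separately` would make that explicit.

```php
        // … unchanged: admin and direct-assignment checks …

        // check whether the user supervises any worker assigned to this case
        /** @var UserCase[] $assignments */
        $assignments = $em->getRepository(UserCase::class)->findBy(['memberCase' => $case]);
        foreach ($assignments as $assignment) {
            $sup = $em->getRepository(Supervision::class)->findOneBy(['supervisor' => $user, 'worker' => $assignment->getUser()]);
            if ($sup) {
                return true;
            }
        }

        // user does not have permissions to the case
        return false;
```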