src/Security/Voter/ParentVoter.php line 11

  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Enum\RoleType;
  6. use Symfony\Bundle\SecurityBundle\Security;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Symfony\Component\Security\Core\User\UserInterface;
  11. class ParentVoter extends Voter
  12. {
  13.     public const EDIT 'PARENT_EDIT';
  14.     public const SHOW 'PARENT_SHOW';
  16.     private $security;
  18.     public function __construct(Security $security)
  19.     {
  20.         $this->security $security;
  21.     }
  23.     protected function supports(string $attributemixed $subject): bool
  24.     {
  25.         return in_array($attribute, [self::EDITself::SHOW]);
  26.     }
  28.     protected function voteOnAttribute(string $attributemixed $subjectTokenInterface $token): bool
  29.     {
  30.         $user $token->getUser();
  31.         // if the user is anonymous, do not grant access
  32.         if (!$user instanceof UserInterface) {
  33.             return false;
  34.         }
  36.         $accessIsGranted = match ($attribute) {
  38.             'PARENT_SHOW' =>
  39.                 $user->getId() === $subject['user_id']
  40.                 ||
  41.                 $this->security->isGranted(RoleType::ROLE_EMPLOYEE) ||
  42.                 $this->security->isGranted(RoleType::ROLE_PEDAGOGICAL_DIRECTOR),
  43.             'PARENT_EDIT' =>
  44.                 $user === $subject->getUser()
  45.                 ||
  46.                 $this->security->isGranted('ROLE_ADMIN'),
  48.         };
  49.         return $accessIsGranted;
  50.     }
  51. }