<?php
namespace App\Security\Voter;
use App\Entity\Shareregister;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
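/**
 * Authorization voter for the PUB_EDIT and PUB_VIEW attributes on Pub entities.
 *
 * Decision order, as implemented below:
 *  1. A token whose user is not a UserInterface (anonymous) is denied.
 *  2. A user holding any of PRIVILEGED_ROLES is granted every supported
 *     attribute on every Pub, regardless of the subject.
 *  3. PUB_VIEW is granted to a user who holds a share in the Pub with an
 *     investment amount of at least 1.
 *  4. Everything else is denied. PUB_EDIT has no per-user rule yet, so only
 *     the privileged roles can edit.
 */
class PubVoter extends Voter
{
    /** Attributes this voter decides on. */
    private const ATTRIBUTES = ['PUB_EDIT', 'PUB_VIEW'];

    /**
     * Roles that are granted access without any subject-specific check.
     *
     * NOTE(review): these are matched against the raw getRoles() list, so the
     * role hierarchy configured in security.yaml is not expanded here. A user
     * who only inherits one of these roles is not recognised; if that matters,
     * inject the security/access-decision service and ask it instead.
     */
    private const PRIVILEGED_ROLES = [
        'ROLE_MANAGER',
        'ROLE_ALTERNATIVE_MANAGER',
        'ROLE_ADMIN',
        'ROLE_SUPER_ADMIN',
    ];

    /**
     * Tells Symfony whether this voter is responsible for the attribute/subject pair.
     *
     * @param mixed $attribute attribute passed to isGranted()/denyAccessUnlessGranted()
     * @param mixed $subject   object the decision is about
     *
     * @return bool true only for PUB_EDIT / PUB_VIEW on an App\Entity\Pub instance
     */
    protected function supports($attribute, $subject)
    {
        // Strict matching: with loose comparison a non-string attribute
        // (for example boolean true) would match one of the names.
        return in_array($attribute, self::ATTRIBUTES, true)
            && $subject instanceof \App\Entity\Pub;
    }

    /**
     * Decides whether the current user is granted $attribute on $subject.
     *
     * Only reached when supports() returned true, so $subject is a Pub and
     * $attribute is one of ATTRIBUTES.
     *
     * @param mixed          $attribute 'PUB_EDIT' or 'PUB_VIEW'
     * @param mixed          $subject   the Pub being accessed
     * @param TokenInterface $token     security token of the current request
     *
     * @return bool true to grant, false to deny
     */
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
    {
        $user = $token->getUser();

        // Anonymous tokens carry no UserInterface object: deny.
        if (!$user instanceof UserInterface) {
            return false;
        }

        // NOTE(review): a privileged role grants PUB_EDIT and PUB_VIEW on *any*
        // Pub, not only on Pubs the user is related to. Confirm this is intended.
        $roles = $user->getRoles();
        foreach (self::PRIVILEGED_ROLES as $role) {
            if (in_array($role, $roles, true)) {
                return true;
            }
        }

        if ($attribute === 'PUB_VIEW') {
            return $this->holdsCountedShare($subject, $user);
        }

        // PUB_EDIT has no rule for non-privileged users yet: deny by default.
        return false;
    }

    /**
     * Checks whether $user owns a share of $subject with an investment amount of at least 1.
     *
     * @param mixed         $subject Pub exposing getShares()
     * @param UserInterface $user    authenticated user
     */
    private function holdsCountedShare($subject, UserInterface $user): bool
    {
        $username = $user->getUsername();

        /** @var Shareregister $share */
        foreach ($subject->getShares() as $share) {
            // Shares with an investment amount below 1 do not grant view access.
            if ($share->getInvestmentAmount() < 1) {
                continue;
            }

            // Whether getUser() can return null is not visible from this file;
            // skipping such a share keeps the decision deny-by-default instead
            // of failing with a fatal error.
            $owner = $share->getUser();
            if ($owner === null) {
                continue;
            }

            // Strict comparison: loose == compares numeric-looking strings as
            // numbers, so two different usernames (e.g. '1e3' and '1000')
            // would be treated as the same identity.
            if ($owner->getUsername() === $username) {
                return true;
            }
        }

        return false;
    }
}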