<?phpnamespace App\Security\Voter;use App\Entity\Shareregister;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\User\UserInterface;class PubVoter extends Voter{ protected function supports($attribute, $subject) { return in_array($attribute, ['PUB_EDIT', 'PUB_VIEW']) && $subject instanceof \App\Entity\Pub; } protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user = $token->getUser(); // if the user is anonymous, do not grant access if (!$user instanceof UserInterface) { return false; } if(in_array('ROLE_MANAGER', $user->getRoles())) { return true; } if(in_array('ROLE_ALTERNATIVE_MANAGER', $user->getRoles())) { return true; } if(in_array('ROLE_ADMIN', $user->getRoles())) { return true; } if(in_array('ROLE_SUPER_ADMIN', $user->getRoles())) { return true; } // ... (check conditions and return true to grant permission) ... switch ($attribute) { case 'PUB_EDIT': // logic to determine if the user can EDIT // return true or false break; case 'PUB_VIEW': /** @var Shareregister $share */ foreach ($subject->getShares() as $share ) { if($share->getInvestmentAmount() < 1) { continue; } if($share->getUser()->getUsername() == $user->getUsername()) { return true; } } return false; break; } return false; }}