src/Security/Voter/SubjectVoter.php line 10

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Subject;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  8. use Symfony\Component\Security\Core\User\UserInterface;
  10. class SubjectVoter extends Voter
  11. {
  12.     protected function supports($attribute$targetEntity)
  13.     {
  15.         return in_array($attribute, ['USER_CAN_EDIT_SUBJECT''ALT_MANAGER_CAN_SEE_SUBJECT'])
  16.             && $targetEntity instanceof \App\Entity\Subject;
  17.     }
  19.     protected function voteOnAttribute($attribute$targetEntityTokenInterface $token)
  20.     {
  21.         $user $token->getUser();
  22.         if (!$user instanceof UserInterface) {
  23.             return false;
  24.         }
  26.         if(in_array('ROLE_ADMIN'$user->getRoles())) {
  27.             return true;
  28.         }
  30.         if(in_array('ROLE_SUPER_ADMIN'$user->getRoles())) {
  31.             return true;
  32.         }
  34.         switch ($attribute) {
  35.             case 'USER_CAN_EDIT_SUBJECT':
  37.                 if ($targetEntity->getAuthor()->getId() == $user->getId()) {
  38.                     return true;
  39.                 }
  40.                 break;
  42.             case 'ALT_MANAGER_CAN_SEE_SUBJECT':
  44.                 if(!in_array('ROLE_ALTERNATIVE_MANAGER'$user->getRoles())) {
  45.                     return false;
  46.                 }
  47.                 if ($targetEntity->getIsViewableForAlternativeManager() == 1  ) {
  48.                     return true;
  49.                 }
  50.                 break;
  53.         }
  55.         return false;
  56.     }
  57. }