src/Security/Voter/CandidateVoter.php line 19

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\AbstractCollaborator;
  6. use App\Entity\Candidate;
  7. use App\Entity\Agent;
  8. use Exception;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use Symfony\Component\Security\Core\Security;
  12. use Symfony\Component\Security\Core\User\UserInterface;
  14. /**
  15.  * @package App\Security\Voter
  16.  * @class CandidateVoter
  17.  *
  18.  */
  19. class CandidateVoter extends Voter
  20. {
  21.     public const POST 'POST';
  22.     public const PUT 'PUT';
  23.     public const GET 'GET';
  24.     public const STATUS 'STATUS';
  26.     /**
  27.      * @var Security
  28.      */
  29.     private Security $security;
  31.     /**
  32.      * @param Security $security
  33.      */
  34.     public function __construct(Security $security)
  35.     {
  36.         $this->security $security;
  37.     }
  39.     /**
  40.      * @param string $attribute
  41.      * @param mixed $subject
  42.      * @return bool
  43.      */
  44.     protected function supports(string $attribute$subject): bool
  45.     {
  46.         return in_array($attribute, [self::POSTself::PUT,self::GET,self::STATUS], true) && $subject instanceof Candidate;
  47.     }
  49.     /**
  50.      * @throws Exception
  51.      */
  52.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  53.     {
  54.         /** @var UserInterface $user */
  55.         $user $token->getUser();
  57.         // Deny anonymous users
  58.         if (!$user instanceof UserInterface) {
  59.             return false;
  60.         }
  62.         /** @var Candidate $subject */
  63.         switch ($attribute) {
  64.             case self::STATUS:
  65.             case self::GET:
  67.                 if ($this->security->isGranted(AbstractCollaborator::ROLE_MANAGER) || $this->security->isGranted(AbstractCollaborator::ROLE_AGENT)) {
  68.                     return true;
  69.                 }
  70.                 break;
  71.             case self::PUT:
  72.                 if ($subject->getSponsor() === $user) {
  73.                     return true;
  74.                 }
  75.                 break;
  77.             case self::POST:
  78.                 if ($this->security->isGranted(AbstractCollaborator::ROLE_AGENT)) {
  79.                     return true;
  80.                 }
  81.                 return false;
  82.         }
  84.         throw new Exception(sprintf('Unhandled attribute "%s"'$attribute));
  85.     }
  86. }