<?php
/*
* Author: Dominik Piekarski <code@dompie.de>
* Created at: 2021/11/12 12:40
*/
declare(strict_types=1);
namespace App\Security\Voter\User;
use App\Entity\BlogEntry;
use App\Security\ApiUser;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
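/**
 * Authorization voter for {@see BlogEntry} subjects.
 *
 * Decision rules, in order:
 *  - a token without an {@see ApiUser} is denied (fail closed);
 *  - admin users are granted every supported permission;
 *  - users not flagged as "amateur" are denied;
 *  - otherwise access is granted only when the entry's member id is identical
 *    to the current user's member id.
 */
class BlogEntryVoter extends Voter
{
    public const PERMISSION_MANAGE = 'manage';
    public const PERMISSION_VIEW_UNPUBLISHED = 'view_unpublished';

    /**
     * Restricts this voter to BlogEntry subjects and the two permissions declared above.
     *
     * @param string $attribute permission name being checked
     * @param mixed  $subject   object the permission is checked against
     */
    protected function supports(string $attribute, $subject): bool
    {
        return $subject instanceof BlogEntry
            // Strict comparison: permission names must match exactly, with no type juggling.
            && in_array($attribute, [
                self::PERMISSION_MANAGE,
                self::PERMISSION_VIEW_UNPUBLISHED,
            ], true);
    }

    /**
     * Decides whether the user behind $token holds $attribute on the given blog entry.
     *
     * @param string    $attribute one of the PERMISSION_* constants (guaranteed by supports())
     * @param BlogEntry $subject
     *
     * @return bool true to grant access, false to deny
     */
    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
    {
        $user = $token->getUser();

        // Fail closed: a token that carries no user, or a user of another class, must be
        // denied here instead of triggering a fatal error on the method calls below.
        if (!$user instanceof ApiUser) {
            return false;
        }

        if ($user->getIsAdmin()) {
            return true;
        }

        if (!$user->getIsAmateur()) {
            return false;
        }

        switch ($attribute) {
            case self::PERMISSION_VIEW_UNPUBLISHED:
            case self::PERMISSION_MANAGE:
                // Ownership check: both permissions require the entry to belong to the caller.
                // NOTE(review): assumes getMember() is non-null on both objects and getId()
                // is set; if either id can be null, two nulls would compare identical and
                // grant access - confirm against the entity definitions.
                return $subject->getMember()->getId() === $user->getMember()->getId();
        }

        // Unknown attribute: deny by default.
        return false;
    }
}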