src/Security/Voter/Webmaster/WebmasterVoter.php line 10

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter\Webmaster;
  5. use App\Entity\Webmaster;
  6. use App\Security\ApiUser;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. class WebmasterVoter extends Voter
  11. {
  12.     public const STATS 'stats';
  13.     public const TRAFFIC 'traffic';
  14.     public const ADS 'ads';
  15.     public const CAMPAIGNS 'campaigns';
  16.     public const EDIT 'edit';
  17.     public const PERMISSION_READ_SENSITIVE 'read_sensitive';
  18.     public const PERMISSION_WRITE_SENSITIVE 'write_sensitive';
  20.     protected function supports(string $attribute$subject): bool
  21.     {
  22.         if (!$subject instanceof Webmaster) {
  23.             return false;
  24.         }
  26.         return in_array($attribute, [
  27.             self::STATSself::TRAFFIC,
  28.             self::ADS,
  29.             self::CAMPAIGNS,
  30.             self::EDIT,
  31.             self::PERMISSION_READ_SENSITIVE,
  32.             self::PERMISSION_WRITE_SENSITIVE,
  33.         ], true);
  34.     }
  36.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  37.     {
  38.         $user $token->getUser();
  40.         if (!$user instanceof ApiUser) {
  41.             return false;
  42.         }
  43.         // admin should be able to do anything
  44.         if ($user->getIsAdmin()) {
  45.             return true;
  46.         }
  48.         /*
  49.          * @var $subject Webmaster
  50.          */
  51.         return $user->getIsWebmaster() && $user->getWebmaster()->getId() === $subject->getId();
  52.     }
  53. }