src/Security/Voter/ProjectChangeVoter.php line 13

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Security\Voter;
  7. use App\Entity\{Project\ProjectUser};
  8. use Symfony\Component\Security\Core\{Authentication\Token\TokenInterfaceAuthorization\Voter\VoterSecurity};
  10. /**
  11.  * Does user can change the project?
  12.  */
  13. class ProjectChangeVoter extends Voter
  14. {
  15.     private Security $security;
  17.     public function __construct(Security $security)
  18.     {
  19.         $this->security $security;
  20.     }
  22.     protected function supports(string $attribute$subject): bool
  23.     {
  24.         return $attribute === 'PROJECT_EDIT' && $subject instanceof Project;
  25.     }
  27.     /**
  28.      * @param string        $attribute
  29.      * @param Project|mixed $subject
  30.      */
  31.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  32.     {
  33.         $user $token->getUser();
  34.         $manager $user->getManager();
  36.         if ($this->security->isGranted('ROLE_MASTER_MANAGER')) {
  37.             return true;
  38.         }
  40.         if ($this->security->isGranted('ROLE_MANAGER') && $subject->getManagers()->contains($manager)) {
  41.             return true;
  42.         }
  44.         return false;
  45.     }
  46. }