src/Security/Voter/Purchase/PurchaseRequestItemVoter.php line 12

  1. <?php
  2. namespace App\Security\Voter\Purchase;
  3. use App\Entity\Purchase\PurchaseRequestItem;
  4. use App\Entity\Security\User;
  5. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  8. use Symfony\Component\Security\Core\User\UserInterface;
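  /**
   * Authorization voter for PurchaseRequestItem create/edit/delete actions.
   *
   * A decision is granted only when the requested attribute is present in the
   * 'privileges' value stored in the current session. The subject and the user
   * are passed to the can*() helpers but are not consulted, so this voter does
   * no per-object (ownership/tenant) check.
   *
   * NOTE(review): privileges are read from the session, not from the
   * authenticated token. Presumably they are written at login; if so, a
   * privilege revoked later stays effective until the session is refreshed.
   * Confirm against the code that populates 'privileges'.
   */
  class PurchaseRequestItemVoter extends Voter
  {
      /** @var SessionInterface Session holding the 'privileges' entry. */
      private $session;

      /**
       * @param SessionInterface $session Session the privilege list is read from.
       */
      public function __construct(SessionInterface $session)
      {
          $this->session = $session;
      }

      /**
       * Tells the access decision manager whether this voter handles the pair.
       *
       * @param mixed $attribute Attribute being checked.
       * @param mixed $subject   Object the attribute is checked against.
       *
       * @return bool True only for the three purchase-request-item attributes
       *              on a PurchaseRequestItem subject.
       */
      protected function supports($attribute, $subject)
      {
          // Strict comparison: with a loose in_array() a non-string attribute
          // such as true (or 0 on PHP < 8) matches the first role name and
          // would be voted on as if it were that role.
          $supported = [
              'ROLE_PURCHASE_REQUEST_ITEM_CREATE',
              'ROLE_PURCHASE_REQUEST_ITEM_EDIT',
              'ROLE_PURCHASE_REQUEST_ITEM_DELETE',
          ];
          if (!in_array($attribute, $supported, true)) {
              return false;
          }

          // Only vote on PurchaseRequestItem objects.
          return $subject instanceof PurchaseRequestItem;
      }

      /**
       * Decides whether the authenticated user may perform the action.
       *
       * @param mixed          $attribute One of the attributes accepted by supports().
       * @param mixed          $subject   The PurchaseRequestItem being acted on.
       * @param TokenInterface $token     Current security token.
       *
       * @return bool True to grant, false to deny.
       */
      protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
      {
          $user = $token->getUser();

          // An unauthenticated token does not carry a UserInterface: deny.
          if (!$user instanceof UserInterface) {
              return false;
          }

          switch ($attribute) {
              case 'ROLE_PURCHASE_REQUEST_ITEM_CREATE':
                  return $this->canCreate($subject, $user);
              case 'ROLE_PURCHASE_REQUEST_ITEM_EDIT':
                  return $this->canEdit($subject, $user);
              case 'ROLE_PURCHASE_REQUEST_ITEM_DELETE':
                  return $this->canDelete($subject, $user);
          }

          // Unknown attribute: fail closed.
          return false;
      }

      /**
       * @return bool True when the session grants the create privilege.
       */
      private function canCreate(PurchaseRequestItem $purchaseRequestItem, User $user)
      {
          return $this->hasPrivilege('ROLE_PURCHASE_REQUEST_ITEM_CREATE');
      }

      /**
       * @return bool True when the session grants the edit privilege.
       */
      private function canEdit(PurchaseRequestItem $purchaseRequestItem, User $user)
      {
          return $this->hasPrivilege('ROLE_PURCHASE_REQUEST_ITEM_EDIT');
      }

      /**
       * @return bool True when the session grants the delete privilege.
       */
      private function canDelete(PurchaseRequestItem $purchaseRequestItem, User $user)
      {
          return $this->hasPrivilege('ROLE_PURCHASE_REQUEST_ITEM_DELETE');
      }

      /**
       * Checks the session's 'privileges' entry for an exact privilege name.
       *
       * @param string $privilege Privilege name to look for.
       *
       * @return bool False when the entry is missing or is not an array.
       */
      private function hasPrivilege($privilege)
      {
          $privileges = $this->session->get('privileges');

          // A session without a privilege list must deny, not raise: in_array()
          // on a non-array haystack throws a TypeError on PHP 8.
          if (!is_array($privileges)) {
              return false;
          }

          // Strict match so entries such as true or 0 cannot stand in for a
          // privilege name.
          return in_array($privilege, $privileges, true);
      }
  }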