src/Security/Voter/EventVoter.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Event;
  6. use App\Entity\User;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Symfony\Component\Security\Core\Security;
  11. class EventVoter extends Voter
  12. {
  13. const EVENT_MANAGE = 'EVENT_MANAGE';
  14. /**
  15. * @var Security
  16. */
  17. private $security;
  19. /**
  20. * UserVoter constructor.
  21. * @param Security $security
  22. */
  23. public function __construct(Security $security)
  24. {
  25. $this->security = $security;
  26. }
  28. protected function supports($attribute, $subject)
  29. {
  30. return in_array($attribute, [self::EVENT_MANAGE])
  31. && $subject instanceof Event;
  32. }
  34. protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
  35. {
  36. /** @var User $user */
  37. $user = $token->getUser();
  39. // if the user is anonymous, do not grant access
  40. if (!$user instanceof User) {
  41. return false;
  42. }
  44. // if the user is anonymous, do not grant access
  45. if (!in_array('ROLE_ADMIN', $user->getRoles()) || !in_array('ROLE_ECITY', $user->getRoles())) {
  46. return false;
  47. }
  48. // get user permissions
  49. $permissions = $user->getPermissions();
  51. if( !is_array($permissions) ) {
  52. return false;
  53. }
  55. switch ($attribute) {
  56. case self::EVENT_MANAGE:
  57. if (in_array('EVENT_MANAGE', $permissions)) {
  58. return true;
  59. }
  60. break;
  61. }
  63. return false;
  64. }
  65. }