src/Security/Voter/ClientPermissionVoter.php line 9

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\User;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. class ClientPermissionVoter extends Voter
  10. {
  11. const ATTR = 'clientPermission';
  13. protected function supports(string $attribute, $subject): bool
  14. {
  15. // if the attribute isn't one we support, return false
  16. if ($attribute !== self::ATTR) {
  17. return false;
  18. }
  20. // only vote on `Invoice` objects
  21. if (!is_string($subject)) {
  22. return false;
  23. }
  25. return true;
  26. }
  28. protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
  29. {
  30. $loggedUser = $token->getUser();
  32. if (!$loggedUser instanceof User) {
  33. // the user must be logged in; if not, deny access
  34. return false;
  35. }
  37. /** @var string $permissionName */
  38. $permissionName = $subject;
  40. foreach ($loggedUser->getClient()->getPermissions() as $permission) {
  41. if ($permission->getName() === $permissionName) {
  42. return true;
  43. }
  44. }
  46. return false;
  47. }
  48. }