Symfony Profiler

<?php
namespace App\Security\Voter;
use App\Entity\BlogComment;
use App\Entity\Event;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
class EventVoter extends Voter
{
const EDIT = 'edit';
const VIEW_PRIVATE_DESCRIPTION = 'viewPrivateDescription';
const DELETE_COMMENT = 'deleteComment';
private $security;
public function __construct(Security $security)
{
$this->security = $security;
}
protected function supports($attribute, $subject)
{
if (!in_array($attribute, [self::EDIT, self::VIEW_PRIVATE_DESCRIPTION, self::DELETE_COMMENT])) {
return false;
}
if (!$subject instanceof Event) {
return false;
}
return true;
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
if (!$user instanceof User) {
return false;
}
/** @var Event $event */
$event = $subject;
if ($this->security->isGranted(User::ROLE_SUPER_ADMIN)) {
return true;
}
switch ($attribute) {
case self::EDIT:
case self::DELETE_COMMENT:
return $this->canEdit($event, $user, $token);
case self::VIEW_PRIVATE_DESCRIPTION:
return $this->canViewPrivateDescription($event, $user, $token);
}
throw new \LogicException('This code should not be reached!');
}
private function canEdit(Event $event, User $user, TokenInterface $token)
{
return $event->getCreatedBy() === $user;
}
private function canViewPrivateDescription(Event $event, User $user, TokenInterface $token)
{
return $event->getCreatedBy() === $user || $event->isConfirmedMember($user);
}
}

src/Security/Voter/EventVoter.php line 13