src/Security/Voter/ProductEvaluationVoter.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\ProductVote;
  6. use App\Entity\User;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Symfony\Component\Security\Core\Security;
  11. class ProductEvaluationVoter extends Voter
  12. {
  13.     const DELETE 'delete';
  15.     private $security;
  17.     public function __construct(Security $security)
  18.     {
  19.         $this->security $security;
  20.     }
  22.     protected function supports($attribute$subject)
  23.     {
  24.         if (!in_array($attribute, [self::DELETE])) {
  25.             return false;
  26.         }
  28.         if (!$subject instanceof ProductVote) {
  29.             return false;
  30.         }
  32.         return true;
  33.     }
  35.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  36.     {
  37.         $user $token->getUser();
  39.         if (!$user instanceof User) {
  40.             return false;
  41.         }
  43.         /** @var ProductVote $evaluation */
  44.         $evaluation $subject;
  46.         if ($this->security->isGranted(User::ROLE_SUPER_ADMIN)) {
  47.             return true;
  48.         }
  50.         switch ($attribute) {
  51.             case self::DELETE:
  52.                 return $this->canDelete($evaluation$user$token);
  53.         }
  55.         throw new \LogicException('This code should not be reached!');
  56.     }
  58.     private function canDelete(ProductVote $evaluationUser $userTokenInterface $token)
  59.     {
  60.         return $evaluation->getCreatedBy() === $user;
  61.     }
  62. }