src/Security/Voter/RoleVoter.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Enum\RoleEnum;
  6. use App\Entity\RoleManagement;
  7. use App\Entity\User;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. class RoleVoter extends Voter
  12. {
  13.     private function getRolesList(): array
  14.     {
  15.         return [
  16.             RoleEnum::SUPER_ADMIN->value,
  17.             RoleEnum::REGULAR_ADMIN->value,
  18.             RoleEnum::ROLE_CLIENT->value,
  19.         ];
  20.     }
  22.     protected function supports($attribute$subject): bool
  23.     {
  24.         $supportsAttribute in_array($attribute, ['edit''delete']);
  26.         return $supportsAttribute && $subject instanceof RoleManagement;
  27.     }
  29.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  30.     {
  31.         $authenticatedUser $token->getUser();
  32.         if (!$authenticatedUser instanceof User) return false;
  34.         if ($authenticatedUser->getUserRole()->isEmpty()) return false;
  36.         /** @var RoleManagement $role */
  37.         $role $authenticatedUser->getUserRole()[0];
  39.         /** @var RoleManagement $subjectRole */
  40.         $subjectRole $subject;
  42.         if ($role->getRoleName() === RoleEnum::SUPER_ADMIN->value) return true;
  44.         if ($role->getRoleName() === RoleEnum::REGULAR_ADMIN->value) {
  45.             return !in_array($subjectRole->getRoleName(), $this->getRolesList());
  46.         }
  48.         return false;
  49.     }
  50. }