<?phpnamespace App\Security\Voter\Profile\Commission;use App\Model\User\Entity\User\Role\Permission;use App\ReadModel\Profile\DetailView;use App\Security\UserIdentity;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;class CommissionVoter extends Voter{ public const PROFILE_COMMISSION_LIST = 'profile_commission_list'; public const PROFILE_COMMISSION_CREATE = 'profile_commission_create'; public const PROFILE_COMMISSION_SHOW = 'profile_commission_show'; public const PROFILE_COMMISSION_DELETE = 'profile_commission_delete'; private $security; public function __construct(Security $security) { $this->security = $security; } protected function supports(string $attribute, $subject) { return in_array($attribute, [ self::PROFILE_COMMISSION_LIST, self::PROFILE_COMMISSION_CREATE, self::PROFILE_COMMISSION_SHOW, self::PROFILE_COMMISSION_DELETE ], true); } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool { if ($this->security->isGranted('ROLE_MODERATOR')) { return true; } $user = $token->getUser(); if (!$user instanceof UserIdentity) { return false; } if (!$subject instanceof DetailView) { return false; } if ($user->getId() !== $subject->user_id) { return false; } switch ($attribute) { case self::PROFILE_COMMISSION_LIST: return $user->isPermission(Permission::PROFILE_COMMISSION_LIST); break; case self::PROFILE_COMMISSION_CREATE: return $user->isPermission(Permission::PROFILE_COMMISSION_CREATE); break; case self::PROFILE_COMMISSION_SHOW: return $user->isPermission(Permission::PROFILE_COMMISSION_SHOW); break; case self::PROFILE_COMMISSION_DELETE: return $user->isPermission(Permission::PROFILE_COMMISSION_DELETE); break; } return false; }}