<?php/** * @author Thomas HERISSON (contact@scaledev.fr) * @copyright 2021 - ScaleDEV SAS, 12 RUE CHARLES MORET, 10120 ST ANDRE LES VERGERS * @license commercial */declare(strict_types=1);namespace Bluue\ProjectsBundle\Security;use App\Entity\User;use Bluue\ProjectsBundle\Entity\Project;use Bluue\ProjectsBundle\Entity\Task;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;class ProjectsVoter extends Voter{ public const ACCESS = 'PROJECTS_ACCESS'; /** * @var Security */ private Security $security; /** * @param Security $security */ public function __construct(Security $security) { $this->security = $security; } /** * @param string $attribute * @param mixed $subject * @return bool */ protected function supports(string $attribute, $subject): bool { if ($attribute != self::ACCESS) { return false; } if (!is_object($subject)) { return false; } return true; } /** * @param string $attribute * @param mixed $subject * @param TokenInterface $token * @return bool */ protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool { $user = $token->getUser(); if (!$user instanceof User) { return false; } if ($this->security->isGranted('ROLE__PROJECTS__ADMIN')) { return true; } if (!$this->security->isGranted('ROLE__PROJECTS__SMALL_ADMIN')) { return false; } if ($subject instanceof Task && $subject->getUsers()->contains($user)) { return true; } if (method_exists($subject, 'getCreatedBy') && $subject->getCreatedBy()) { return $user->getId() == $subject->getCreatedBy()->getId(); } else { return !($subject instanceof Task || $subject instanceof Project); } }}