<?php
namespace App\Security\Voter;
use App\Entity\Application;
use App\Entity\Project;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
class ApplicationVoter extends Voter
{
public const EDITABLE = 'IS_EDITABLE';
public const OWNER = 'IS_OWNER';
// public const VIEW = 'POST_VIEW';
protected function supports(string $attribute, $subject): bool
{
// replace with your own logic
// https://symfony.com/doc/current/security/voters.html
return in_array($attribute, [self::EDITABLE, self::OWNER])
&& $subject instanceof Application;
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
if (!$subject instanceof Application) {
throw new \Exception('Wrong type somehow passed');
}
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case self::EDITABLE:
return $subject->isActive() && $subject->isOpen() && $subject->getDistrict()->getUser()->contains($user);
// if ($subject->isActive()) {
// return $subject->isOpen() && $subject->getDistrict()->getUser()->contains($user);
// } else {
// return $subject->getDistrict()->getActiveApplication()->isOpen() && $subject->getDistrict()->getUser()->contains($user);
// }
break;
case self::OWNER:
return $subject->getDistrict()->getUser()->contains($user);
break;
}
return false;
}
}