<?phpnamespace App\Security\Voter;use App\Entity\Application;use App\Entity\Project;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\User\UserInterface;class ApplicationVoter extends Voter{ public const EDITABLE = 'IS_EDITABLE'; public const OWNER = 'IS_OWNER';// public const VIEW = 'POST_VIEW'; protected function supports(string $attribute, $subject): bool { // replace with your own logic // https://symfony.com/doc/current/security/voters.html return in_array($attribute, [self::EDITABLE, self::OWNER]) && $subject instanceof Application; } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool { $user = $token->getUser(); // if the user is anonymous, do not grant access if (!$user instanceof UserInterface) { return false; } if (!$subject instanceof Application) { throw new \Exception('Wrong type somehow passed'); } // ... (check conditions and return true to grant permission) ... switch ($attribute) { case self::EDITABLE: return $subject->isActive() && $subject->isOpen() && $subject->getDistrict()->getUser()->contains($user);// if ($subject->isActive()) {// return $subject->isOpen() && $subject->getDistrict()->getUser()->contains($user);// } else {// return $subject->getDistrict()->getActiveApplication()->isOpen() && $subject->getDistrict()->getUser()->contains($user);// } break; case self::OWNER: return $subject->getDistrict()->getUser()->contains($user); break; } return false; }}