src/Security/Voter/MenuSectionVoter.php line 15

  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\MenuSections;
  6. use App\Entity\Restaurants;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Symfony\Component\Security\Core\User\UserInterface;
  10. use Symfony\Component\Security\Core\Security;
  11. use App\Entity\City;
  12. use Doctrine\Persistence\ManagerRegistry;
  13. use Symfony\Component\HttpFoundation\RequestStack;
  15. class MenuSectionVoter extends Voter
  16. {
  17.     private $em;
  18.     private $session;
  19.     // these strings are just invented: you can use anything
  20.     const EDIT 'edit';
  22.     public function __construct(
  23.         protected Security $security,
  24.         protected ManagerRegistry $doctrine,
  25.         protected RequestStack $requestStack
  26.         )
  27.     {
  28.         $this->em $this->doctrine->getManager();
  29.         $this->session $this->requestStack->getSession();
  30.     }
  33.     // protected function supports($attribute, $subject)
  34.     protected function supports(string $attributemixed $subject): bool
  35.     {
  36.         // replace with your own logic
  37.         // https://symfony.com/doc/current/security/voters.html
  38.         return in_array($attribute, [self::EDIT])
  39.             && $subject instanceof \App\Entity\MenuSections;
  40.     }
  42.     // protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
  43.     protected function voteOnAttribute(string $attributemixed $subjectTokenInterface $token): bool
  44.     {
  45.         $user $token->getUser();
  46.         /** @var MenuSections $menuSection */
  47.         $menuSection $subject;
  49.         // if the user is anonymous, do not grant access
  50.         if (!$user instanceof UserInterface) {
  51.             return false;
  52.         }
  54.         // ROLE_ADMIN can do anything! The power!
  55.         if ($this->security->isGranted('ROLE_ADMIN')) {
  56.             return true;
  57.         }
  59.         // ... (check conditions and return true to grant permission) ...
  60.         switch ($attribute) {
  61.             case self::EDIT:
  62.                 if ($this->security->isGranted('ROLE_CONTRACTOR')) {
  63.                     $cityIds = [];
  64.                     $city $this->em->getRepository(City::class)->findOneBy(['contractor' => $user->getId()]);
  65.                     if ($city->getSuburb() == null) {
  66.                         $cityIdStr $this->em->getRepository(City::class)->getSubCityIds($city->getId());
  67.                         $cityIds = [];
  68.                         if ($cityIdStr) {
  69.                             $cityIds explode(','$cityIdStr);
  70.                         }
  71.                     }
  72.                     array_push($cityIds$city->getId());
  74.                     $restIdStr $this->em->getRepository(Restaurants::class)->getRestIdsByCity($cityIds);
  75.                     $restIds = [];
  76.                     if ($restIdStr) {
  77.                         $restIds explode(','$restIdStr);
  78.                     }
  80.                     return in_array($menuSection->getRestaurantId()->getId(),$restIds);
  82.                 } elseif ($this->security->isGranted('ROLE_OWNER')) {
  84.                     return $menuSection->getRestaurantId()->getId() === $this->session->get('loginRestId');
  85.                 }
  86.                 break;
  87.         }
  89.         return false;
  90.     }
  91. }