src/Security/Voter/HelpCategoryVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace MedBrief\MSR\Security\Voter;
  5. use MedBrief\MSR\Entity\HelpCategory;
  6. use Override;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\User\UserInterface;
  12. class HelpCategoryVoter extends Voter
  13. {
  14. public const VIEW = 'VIEW';
  16. public function __construct(private readonly AuthorizationCheckerInterface $authorizationChecker)
  17. {
  18. }
  20. #[Override]
  21. protected function supports($attribute, $subject): bool
  22. {
  23. return $attribute == self::VIEW
  24. && $subject instanceof HelpCategory;
  25. }
  27. #[Override]
  28. protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
  29. {
  30. $user = $token->getUser();
  31. // if the user is anonymous, do not grant access
  32. if (!$user instanceof UserInterface) {
  33. return false;
  34. }
  36. /** @var HelpCategory $HelpCategory */
  37. $HelpCategory = $subject;
  38. // ... (check conditions and return true to grant permission) ...
  39. return match ($attribute) {
  40. self::VIEW => $this->canView($HelpCategory),
  41. default => false,
  42. };
  43. }
  45. protected function canView(HelpCategory $HelpCategory): bool
  46. {
  47. // if the category is not active, return false as it is not necessary to check sections
  48. if ($HelpCategory->getActive() === false) {
  49. return false;
  50. }
  52. foreach ($HelpCategory->getSections() as $section) {
  53. if ($this->authorizationChecker->isGranted(HelpSectionVoter::VIEW, $section)) {
  54. return true;
  55. }
  56. }
  57. return false;
  58. }
  59. }