src/Security/Voter/HelpSectionVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace MedBrief\MSR\Security\Voter;
  5. use MedBrief\MSR\Entity\HelpSection;
  6. use MedBrief\MSR\Entity\User;
  7. use Override;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use Symfony\Component\Security\Core\User\UserInterface;
  13. class HelpSectionVoter extends Voter
  14. {
  15. public const VIEW = 'VIEW';
  17. public function __construct(private readonly AuthorizationCheckerInterface $authorizationChecker)
  18. {
  19. }
  21. #[Override]
  22. protected function supports($attribute, $subject): bool
  23. {
  24. return $attribute == self::VIEW
  25. && $subject instanceof HelpSection;
  26. }
  28. #[Override]
  29. protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
  30. {
  31. $user = $token->getUser();
  32. // if the user is anonymous, do not grant access
  33. if (!$user instanceof UserInterface) {
  34. return false;
  35. }
  37. /** @var HelpSection $helpSection */
  38. $helpSection = $subject;
  39. // ... (check conditions and return true to grant permission) ...
  40. return match ($attribute) {
  41. self::VIEW => $this->canView($helpSection),
  42. default => false,
  43. };
  44. }
  46. protected function canView(HelpSection $helpSection): bool
  47. {
  48. foreach ($helpSection->getArticles() as $article) {
  49. if ($this->authorizationChecker->isGranted(HelpArticleVoter::VIEW, $article)) {
  50. return true;
  51. }
  52. }
  53. return false;
  54. }
  55. }