src/Security/Voter/SystemSettingVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace MedBrief\MSR\Security\Voter;
  5. use MedBrief\MSR\Entity\SystemSetting;
  6. use MedBrief\MSR\Entity\User;
  7. use Override;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use Symfony\Component\Security\Core\User\UserInterface;
  13. class SystemSettingVoter extends Voter
  14. {
  15. public function __construct(private readonly AuthorizationCheckerInterface $authorizationChecker)
  16. {
  17. }
  19. #[Override]
  20. protected function supports($attribute, $subject)
  21. {
  22. return in_array($attribute, [
  23. 'SYSTEM_SETTING_READ',
  24. 'SYSTEM_SETTING_UPDATE',
  25. ])
  26. && $subject instanceof SystemSetting;
  27. }
  29. #[Override]
  30. protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
  31. {
  32. /** @var User $user */
  33. $user = $token->getUser();
  34. // if the user is anonymous, do not grant access
  35. if (!$user instanceof UserInterface) {
  36. return false;
  37. }
  39. // For now, just having the Technical Admin role is sufficient
  40. return $this->authorizationChecker->isGranted('ROLE_TECHNICAL_ADMIN');
  41. }
  42. }