src/Security/Voter/CandidatureVoter.php line 9

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  6. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  7. use Symfony\Component\Security\Core\User\UserInterface;
  9. class CandidatureVoter extends Voter
  10. {
  11. protected function supports(string $attribute, $subject): bool
  12. {
  13. // replace with your own logic
  14. // https://symfony.com/doc/current/security/voters.html
  15. return in_array($attribute, ['POST_EDIT', 'POST_VIEW'])
  16. && $subject instanceof \App\Entity\Candidature;
  17. }
  19. protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
  20. {
  21. $user = $token->getUser();
  22. // if the user is anonymous, do not grant access
  23. if (!$user instanceof UserInterface) {
  24. return false;
  25. }
  27. // ... (check conditions and return true to grant permission) ...
  28. switch ($attribute) {
  29. case 'POST_EDIT':
  30. // logic to determine if the user can EDIT
  31. // return true or false
  32. break;
  33. case 'POST_VIEW':
  34. // logic to determine if the user can VIEW
  35. // return true or false
  36. break;
  37. }
  39. return false;
  40. }
  41. }