src/Security/Voter/SejourSessionVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Inscription;
  6. use App\Entity\User;
  7. use Doctrine\ORM\EntityManagerInterface;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\User\UserInterface;
  12. class SejourSessionVoter extends Voter
  13. {
  14. public const EDIT = 'POST_EDIT';
  15. public const VIEW = 'POST_VIEW';
  16. private EntityManagerInterface $em;
  18. public function __construct(EntityManagerInterface $em){
  19. $this->em = $em;
  20. }
  22. protected function supports(string $attribute, mixed $subject): bool
  23. {
  24. // replace with your own logic
  25. // https://symfony.com/doc/current/security/voters.html
  26. return in_array($attribute, [self::EDIT, self::VIEW])
  27. && $subject instanceof \App\Entity\SejourSession;
  28. }
  30. protected function voteOnAttribute(string $attribute, mixed $sejourSession, TokenInterface $token): bool
  31. {
  32. $user = $token->getUser();
  33. // if the user is anonymous, do not grant access
  34. if($user->getIsActive()===0)
  35. return false;
  36. if (!$user instanceof UserInterface) {
  37. return false;
  38. }
  39. $contact = $user->getContact();
  40. //TODO: enlever les cancelled
  41. $inscription = $this->em->getRepository(Inscription::class)->findOneBy([
  42. 'sejourSession' => $sejourSession,
  43. 'parent' => $contact
  44. ]);
  45. if($inscription !== null ){
  46. return true;
  47. }
  49. if(in_array(User::ROLE_ADMIN,$user->getRoles()))
  50. return true;
  56. return false;
  58. return false;
  59. }
  60. }