src/Security/Voter/Configuracion/MaterialVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter\Configuracion;
  5. use App\Entity\Ajustes\Usuario;
  6. use App\Entity\Configuracion\Material;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Symfony\Component\Security\Core\Security;
  10. use Symfony\Component\Security\Core\User\UserInterface;
  12. class MaterialVoter extends Voter
  13. {
  14.     const VIEW      'MATERIAL_VIEW';
  15.     const EDIT      'MATERIAL_EDIT';
  16.     const DELETE    'MATERIAL_DELETE';
  18.     private $security;
  20.     public function __construct(Security $security)
  21.     {
  22.         $this->security $security;
  23.     }
  24.     
  25.     protected function supports(string $attribute$subject): bool
  26.     {
  27.         // replace with your own logic
  28.         // https://symfony.com/doc/current/security/voters.html
  29.         return in_array($attribute, [self::EDITself::VIEWself::DELETE])
  30.             && $subject instanceof Material;
  31.     }
  33.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  34.     {
  35.         $user $token->getUser();
  36.         // if the user is anonymous, do not grant access
  37.         if (!$user instanceof UserInterface) {
  38.             return false;
  39.         }
  41.         switch ($attribute) {
  42.             case self::EDIT:
  43.                 // logic to determine if the user can EDIT
  44.                 // return true or false
  45.                 return $this->canEdit($subject$user);
  46.             case self::VIEW:
  47.                 // logic to determine if the user can VIEW
  48.                 // return true or false
  49.                 return $this->canView($subject$user);
  50.             case self::DELETE:
  51.                 // logic to determine if the user can DELETE
  52.                 // return true or false
  53.                 return $this->canDelete($subject$user);
  54.         }
  56.         return false;
  57.     }
  59.     private function canView(Material $subject,Usuario $user){
  61.         if ($this->security->isGranted('ROLE_MATERIAL_VIEW'))
  62.             return true;
  64.         
  66.         
  67.         return false;
  68.     }
  70.     private function canEdit(Material $subject,Usuario $user){
  72.         if ($this->security->isGranted('ROLE_MATERIAL_EDIT'))
  73.             return true;
  75.         
  76.         return false;
  77.     }
  79.     private function canDelete(Material $subject,Usuario $user){
  81.         if ($this->security->isGranted('ROLE_MATERIAL_DELETE'))
  82.             return true;
  84.         return false;
  85.     }
  86. }