src/AdminBundle/Security/TicketVoter.php line 10

Open in your IDE?
  1. <?php
  3. namespace AdminBundle\Security;
  5. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  6. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  7. use AdminBundle\Entity\Ticket;
  8. use AdminBundle\Entity\User;
  10. class TicketVoter extends Voter
  11. {
  12. private const EDIT = 'edit';
  13. private const DELETE = 'delete';
  15. /**
  16. * {@inheritdoc}
  17. */
  18. protected function supports($attribute, $subject)
  19. {
  20. $allowedAttributes = [
  21. self::EDIT,
  22. self::DELETE,
  23. ];
  25. if (!in_array(strtolower($attribute), $allowedAttributes)) {
  26. return false;
  27. }
  29. if (!$subject instanceof Ticket) {
  30. return false;
  31. }
  33. return true;
  34. }
  36. /**
  37. * {@inheritdoc}
  38. */
  39. protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
  40. {
  41. $user = $token->getUser();
  43. if (!$user instanceof User) {
  44. return false;
  45. }
  47. $allowedRoles = [
  48. User::ROLE_ADMIN,
  49. User::ROLE_OPERATOR,
  50. ];
  52. return !empty(array_intersect($allowedRoles, $user->getRoles()));
  53. }
  54. }