<?php
namespace App\Security\Voter;
use App\Entity\JvnDevice;
use App\Entity\JvnMedia;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
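/**
 * Authorization voter for destructive operations on JvnMedia.
 *
 * Policy for MEDIA_DELETE: access is granted when the operario attached to the
 * authenticated user is the owner of the media (compared by identifier), or
 * when the current security context holds ROLE_SUPERVISOR. Every other case,
 * including any state in which ownership cannot be established, is denied.
 */
class JvnMediaVoter extends Voter
{
    /** The only attribute this voter decides on. */
    private const MEDIA_DELETE = 'MEDIA_DELETE';

    private Security $security;

    public function __construct(Security $security)
    {
        $this->setSecurity($security);
    }

    /**
     * @return Security
     */
    public function getSecurity(): Security
    {
        return $this->security;
    }

    /**
     * @param Security $security
     * @return JvnMediaVoter
     */
    public function setSecurity(Security $security): JvnMediaVoter
    {
        $this->security = $security;

        return $this;
    }

    /**
     * Decides whether this voter has an opinion on the attribute/subject pair.
     *
     * The attribute is matched with a strict comparison: with loose comparison
     * a non-string attribute such as `true` (or `0` on PHP 7) is equal to
     * 'MEDIA_DELETE' and would be routed into the permission check.
     *
     * @param mixed $attribute
     * @param mixed $subject
     * @return bool
     */
    protected function supports($attribute, $subject)
    {
        return $attribute === self::MEDIA_DELETE
            && $subject instanceof JvnMedia;
    }

    /**
     * @param string $attribute
     * @param JvnMedia $subject
     * @param TokenInterface $token
     * @return bool
     */
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
    {
        $user = $token->getUser();

        // Anonymous tokens do not carry a UserInterface: deny.
        // NOTE(review): the ownership check calls getOperario(), which the
        // original annotation attributes to JvnDevice, while only UserInterface
        // is enforced here. If other user classes can authenticate against
        // this firewall, narrow the guard to JvnDevice — confirm.
        if (!$user instanceof UserInterface) {
            return false;
        }

        // Strict match, for the same reason as in supports().
        if ($attribute !== self::MEDIA_DELETE) {
            return false;
        }

        // NOTE(review): the role is checked through the injected Security
        // service, not against $token; presumably both describe the same
        // authenticated session — confirm if this voter is ever invoked with a
        // token other than the current one.
        return $this->isOwner($user, $subject)
            || $this->getSecurity()->isGranted('ROLE_SUPERVISOR');
    }

    /**
     * Tells whether the user's operario and the media owner are the same entity.
     *
     * Fails closed: if either side of the relation, or either identifier, is
     * missing, the result is false. Two missing values are never treated as a
     * match, and the caller falls through to the role check instead of failing
     * on a null dereference.
     *
     * @param UserInterface $user    authenticated user; expected to expose getOperario()
     * @param JvnMedia      $subject media whose owner is compared
     * @return bool
     */
    private function isOwner(UserInterface $user, JvnMedia $subject): bool
    {
        $operario = $user->getOperario();
        $owner = $subject->getOwner();
        if ($operario === null || $owner === null) {
            return false;
        }

        $operarioId = $operario->getId();
        $ownerId = $owner->getId();
        if ($operarioId === null || $ownerId === null) {
            return false;
        }

        return $operarioId->toString() === $ownerId->toString();
    }
}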