src/App/Security/ListingOwnerVoter.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use Aqarmap\Bundle\ListingBundle\Entity\Listing;
  6. use Aqarmap\Bundle\UserBundle\Entity\User;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. class ListingOwnerVoter extends Voter
  12. {
  13.     const OWNER 'LISTING_OWNER';
  15.     private AuthorizationCheckerInterface $authorizationChecker;
  17.     public function __construct(AuthorizationCheckerInterface $authorizationChecker)
  18.     {
  19.         $this->authorizationChecker $authorizationChecker;
  20.     }
  22.     protected function supports(string $attribute$subject): bool
  23.     {
  24.         return $attribute === self::OWNER && $subject instanceof Listing;
  25.     }
  27.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  28.     {
  29.         if ($this->authorizationChecker->isGranted('ROLE_ADMIN')) {
  30.             return true;
  31.         }
  33.         $user $token->getUser();
  35.         if (!$user instanceof User) {
  36.             return false;
  37.         }
  39.         /** @var Listing $listing */
  40.         $listing $subject;
  42.         return $user->getId() === $listing->getUser()->getId();
  43.     }
  44. }