src/Aqarmap/Bundle/ListingBundle/Security/Authorization/Voter/OwnerVoter.php line 10

  1. <?php
  3. namespace Aqarmap\Bundle\ListingBundle\Security\Authorization\Voter;
  5. use Aqarmap\Bundle\ListingBundle\Security\Authorization\OwnerInterface;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  8. use Symfony\Component\Security\Core\User\UserInterface;
  10. class OwnerVoter extends Voter
  11. {
  12. protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
  13. {
  14. $user = $token->getUser();
  15. if (!$user instanceof UserInterface) {
  16. return false;
  17. }
  19. // Verifies that the user is the owner
  20. $listingOwner = $subject->getUser();
  21. if ($listingOwner->getId() === $user->getId() || ($user->getChildren() && $user->getChildren()->contains($listingOwner))) {
  22. return true;
  23. }
  25. return false;
  26. }
  28. public function supports($attribute, $subject): bool
  29. {
  30. return 'ROLE_OWNER' === $attribute && $subject instanceof OwnerInterface;
  31. }
  32. }