<?php
namespace App\Security;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use App\Entity\SurveyFillEntryItem;
class SurveyFillEntryItemVoter extends Voter
{
const CREATE = 'create';
const UPDATE = 'update';
protected function supports(string $attribute, $subject)
{
if (!in_array($attribute, [self::CREATE, self::UPDATE])) {
return false;
}
if (!$subject instanceof SurveyFillEntryItem) {
return false;
}
return true;
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
if (!$user instanceof User) {
// the user must be logged in; if not, deny access
return false;
}
/** @var SurveyFillEntryItem $surveyFillEntryItem */
$surveyFillEntryItem = $subject;
switch ($attribute) {
case self::CREATE:
case self::UPDATE:
return $this->canCreate($surveyFillEntryItem, $user);
}
}
private function canCreate(SurveyFillEntryItem $surveyFillEntryItem, User $user)
{
return $surveyFillEntryItem->canUserCreate($user);
}
}