src/App/Security/ProfileVoter.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\Profile;
  6. use App\Entity\User;
  7. use LogicException;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. class ProfileVoter extends Voter
  12. {
  13. // these strings are just invented: you can use anything
  14. public const USER_CAN_VIEW_PROFILE = 'view';
  15. public const USER_CAN_EDIT_PROFILE = 'edit';
  16. public const USER_CAN_ACT_ON_BEHALF_OF_PROFILE = 'act_on_behalf_of';
  18. protected function supports($attribute, $subject)
  19. {
  20. // if the attribute isn't one we support, return false
  21. if (!in_array($attribute, [self::USER_CAN_VIEW_PROFILE, self::USER_CAN_EDIT_PROFILE, self::USER_CAN_ACT_ON_BEHALF_OF_PROFILE])) {
  22. return false;
  23. }
  25. // only vote on Profile objects inside this voter
  26. if (!$subject instanceof Profile) {
  27. return false;
  28. }
  30. return true;
  31. }
  33. protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
  34. {
  35. $user = $token->getUser();
  37. if (!$user instanceof User) {
  38. return false;
  39. }
  41. /** @var Profile $profile */
  42. $profile = $subject;
  44. switch ($attribute) {
  45. case self::USER_CAN_VIEW_PROFILE:
  46. return $this->canView($profile, $user);
  47. case self::USER_CAN_EDIT_PROFILE:
  48. return $this->canEdit($profile, $user);
  49. case self::USER_CAN_ACT_ON_BEHALF_OF_PROFILE:
  50. return $this->canActOnBehalfOf($profile, $user);
  51. }
  52. throw new LogicException('This code should not be reached!');
  53. }
  55. private function canView(Profile $profile, User $user)
  56. {
  57. return true;
  58. }
  60. private function canEdit(Profile $profile, User $user)
  61. {
  62. return $user === $profile->getUser();
  63. }
  65. private function canActOnBehalfOf(Profile $profile, User $user)
  66. {
  67. return $user === $profile->getUser();
  68. }
  69. }