<?php
namespace App\Core\Security\Voter;
use App\Core\Entity\Interfaces\PartnerableInterface;
use App\Core\Entity\User;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
final class PartnerableAccessVoter extends Voter
{
const PARTNERABLE_ACCESS = 'partnerable_access';
/**
* {@inheritdoc}
*/
public function supports(string $attribute, $subject): bool
{
return $subject instanceof PartnerableInterface && in_array($attribute, [
self::PARTNERABLE_ACCESS,
]);
}
/**
* {@inheritdoc}
*
* @param PartnerableInterface $subject
*/
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$user = $token->getUser();
if (!$user instanceof User) {
return false;
}
if ($attribute === self::PARTNERABLE_ACCESS) {
if ($user->isSuperAdmin()) {
return true;
}
$partnerId = $user->getPartner() ? $user->getPartner()->getId() : null;
return $subject->getPartner() && $subject->getPartner()->getId() === $partnerId;
}
return false;
}
}