<?php
namespace App\Tasks\Security\Voter;
use App\Core\Entity\User;
use App\Tasks\Entity\Task;
use App\Tasks\WECertification\Consts\AllowedObjectsConst;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
final class WECertificationVoter extends Voter
{
const IS_TASK_WE_CERTIFICATION = 'is_task_we_certification';
const IS_WE_CERTIFICATION_ALLOWED_OBJECT = 'is_we_certification_allowed_object';
/**
* {@inheritdoc}
*/
public function supports(string $attribute, $subject): bool
{
return $subject instanceof Task && in_array($attribute, [
self::IS_TASK_WE_CERTIFICATION,
self::IS_WE_CERTIFICATION_ALLOWED_OBJECT,
]);
}
/**
* {@inheritdoc}
*
* @param Task $subject
*/
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$user = $token->getUser();
if (!$user instanceof User) {
return false;
}
if ($attribute === self::IS_TASK_WE_CERTIFICATION) {
return $subject->getType() === Task::TYPE_CERTYFIKACJA_WE;
}
if ($attribute === self::IS_WE_CERTIFICATION_ALLOWED_OBJECT) {
return in_array($subject->getType(), AllowedObjectsConst::ALLOWED, true);
}
return false;
}
}