src/Security/CompanyAdminVoter.php line 11

Open in your IDE?
  1. <?php
  4. namespace App\Security;
  6. use App\Entity\User;
  7. use App\Entity\Company;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. class CompanyAdminVoter extends Voter
  12. {
  14. protected function supports($attribute, $subject): bool
  15. {
  16. if (strpos($attribute, 'company_admin') !== 0) {
  17. return false;
  18. }
  20. if (!$subject instanceof Company) {
  21. return false;
  22. }
  24. return true;
  25. }
  27. protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
  28. {
  29. $user = $token->getUser();
  31. if (!$user instanceof User) {
  32. return false;
  33. }
  35. if (!$user->isCompanyAdmin() || !$user->getCompanies()->contains($subject)) {
  36. return false;
  37. }
  39. return true;
  40. }
  41. }