<?php/** * Created by PhpStorm. * User: sebastien.nexon * Date: 26/01/2018 * Time: 11:30 */namespace App\Security;use App\Entity\Admin;use App\Entity\Consultant;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;class ConsultantVoter extends Voter{ const VIEW = 'consultant_show'; const EDIT = 'consultant_edit'; private $decisionManager; public function __construct(AccessDecisionManagerInterface $decisionManager) { $this->decisionManager = $decisionManager; } protected function supports($attribute, $subject) { if(!in_array($attribute, array(self::VIEW,self::EDIT))) { return false; } if(!$subject instanceof Consultant) { return false; } return true; } protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user = $token->getUser(); if ($this->decisionManager->decide($token, array('ROLE_SUPER_ADMIN'))) { return true; } $consultant = $subject; switch ($attribute) { case self::VIEW: return $this->canView($consultant, $user); case self::EDIT: return $this->canEdit($consultant, $user); } throw new \LogicException('This code should not be reached!'); } private function canView(Consultant $consultant, Admin $admin) { if($this->canEdit($consultant, $admin)) { return true; } return false; } private function canEdit(Consultant $consultant, Admin $admin) { if(empty($consultant->getJobs())) { return false; } else { $admins = array(); foreach ($consultant->getJobs() as $job) { $admins[] = $job->getContract()->getCustomer()->getAdmins(); } foreach ($admins as $adminAct) { if($admin === $adminAct) { return true; } } } return false; }}