<?phpdeclare(strict_types=1);/* * ImmoBay - BAUR Immobilien * * @copyright Copyright (c) 2008-2022, 47GradNord - Agentur für Internetlösungen * @author 47GradNord - Agentur für Internetlösungen <info@47gradnord.de> */namespace App\Security;use App\Entity\Property;use App\Entity\User;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;class PropertyVoter extends Voter{ public const BID = 'bid'; private $security; public function __construct(Security $security) { $this->security = $security; } protected function supports(string $attribute, $subject): bool { // if the attribute isn't one we support, return false if (!in_array($attribute, [self::BID], true)) { return false; } // only vote on `Property` objects if (!$subject instanceof Property) { return false; } return true; } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool { $user = $token->getUser(); if (!$user instanceof User) { // the user must be logged in; if not, deny access return false; } // ROLE_SUPER_ADMIN can do anything! The power! if ($this->security->isGranted('ROLE_ADMIN')) { return true; } // you know $subject is a Post object, thanks to `supports()` /** @var Property $property */ $property = $subject; switch ($attribute) { case self::BID: return $this->canBid($property, $user); } throw new \LogicException('This code should not be reached!'); } private function canBid(Property $property, User $user): bool { if (37 === $user->getId()) { return false; } return true; }}