src/Security/Voter/CoachUserVoter.php line 10

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\CoachUser;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  8. use Symfony\Component\Security\Core\User\UserInterface;
  10. class CoachUserVoter extends Voter
  11. {
  12.     public const EDIT 'POST_EDIT';
  13.     public const VIEW 'POST_VIEW';
  15.     protected function supports(string $attribute$subject): bool
  16.     {
  17.         // replace with your own logic
  18.         // https://symfony.com/doc/current/security/voters.html
  19.         return in_array($attribute, [self::EDITself::VIEW])
  20.             && $subject instanceof \App\Entity\CoachUser;
  21.     }
  23.     /**
  24.      * @param string $attribute
  25.      * @param CoachUser $subject
  26.      * @param TokenInterface $token
  27.      * @return bool
  28.      */
  29.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  30.     {
  31.         $user $token->getUser();
  32.         // if the user is anonymous, do not grant access
  33.         if (!$user instanceof UserInterface) {
  34.             return false;
  35.         }
  37.         return match ($attribute) {
  38.             self::VIEWself::EDIT => $subject->getCoach()->getProfile()->getUser()->getUserIdentifier() === $user->getUserIdentifier(),
  39.             default => false
  40.         };
  41.     }
  42. }