src/Security/PurchaseOrdering/PurchaseOrderVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\PurchaseOrdering;
  5. use App\Entity\PurchaseOrdering\PurchaseOrder;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. /**
  10.  * Class PurchaseOrderVoter
  11.  * @package App\Security\PurchaseOrdering
  12.  */
  13. class PurchaseOrderVoter extends Voter
  14. {
  15.     const EDIT   'edit';
  16.     const VIEW   'view';
  17.     const DELETE 'delete';
  19.     /**
  20.      * base voter actions
  21.      */
  22.     private const ATTRIBUTES = [
  23.         self::EDIT,
  24.         self::VIEW,
  25.         self::DELETE
  26.     ];
  28.     /**
  29.      * @param string $attribute
  30.      * @param mixed  $subject
  31.      *
  32.      * @return bool
  33.      */
  34.     protected function supports($attribute$subject)
  35.     {
  36.         return $subject instanceof PurchaseOrder
  37.             && in_array($attributeself::ATTRIBUTES);
  38.     }
  40.     /**
  41.      * @param                $attribute
  42.      * @param PurchaseOrder  $purchaseOrder
  43.      * @param TokenInterface $token
  44.      *
  45.      * @return bool
  46.      */
  47.     protected function voteOnAttribute(
  48.         $attribute,
  49.         $purchaseOrder,
  50.         TokenInterface $token
  51.     ) {
  52.         switch ($attribute) {
  53.             case self::EDIT:
  54.             case self::DELETE:
  55.             case self::VIEW:
  56.                 return $purchaseOrder->getUser() == $token->getUser();
  57.                 break;
  58.         }
  60.         throw new \LogicException('Invalid attribute: ' $attribute);
  61.     }
  62. }