<?php
namespace App\Security\SuperheroFreight;
use App\Entity\SuperheroFreight\ShippingOrder;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
/**
* Class ShippingOrderVoter
*
* @package App\Security\SuperheroOffice
*/
class ShippingOrderVoter extends Voter
{
const EDIT = 'edit';
const VIEW = 'view';
const DELETE = 'delete';
/**
* base voter actions
*/
private const ATTRIBUTES = [
self::EDIT,
self::VIEW,
self::DELETE
];
/**
* @param string $attribute
* @param mixed $subject
*
* @return bool
*/
protected function supports($attribute, $subject): bool
{
return $subject instanceof ShippingOrder
&& in_array($attribute, self::ATTRIBUTES);
}
/**
* @param string $attribute
* @param ShippingOrder $shippingOrder
* @param TokenInterface $token
*
* @return bool
*/
protected function voteOnAttribute(
$attribute,
$shippingOrder,
TokenInterface $token
): bool {
switch ($attribute) {
case self::EDIT:
return !(in_array($shippingOrder->getStatus(), ShippingOrder::NOT_EDITABLE_STATUSES));
case self::DELETE:
return true;
case self::VIEW:
return true;
default:
throw new \LogicException('Invalid attribute: ' . $attribute);
}
}
}