src/Security/Voter/OrganismeVoter.php line 12
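<?php

namespace App\Security\Voter;

use App\Entity\Organisme;
use App\Entity\Utilisateur;
use Symfony\Bundle\SecurityBundle\Security;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Decides whether a user may view or edit an Organisme.
 *
 * Access is granted in three cases, checked in this order:
 *  - the user holds ROLE_ADMIN;
 *  - the user holds ROLE_GROUPE and is the legal representative of the
 *    organisme's groupe;
 *  - the user holds ROLE_ORGANISME and is the organisme's own legal
 *    representative.
 * Every other case is denied.
 */
class OrganismeVoter extends Voter
{
    public const EDIT = 'ORGANISME_EDIT';
    public const VIEW = 'ORGANISME_VIEW';

    private Security $security;

    public function __construct(Security $security)
    {
        $this->security = $security;
    }

    /**
     * Restricts this voter to the two attributes above on Organisme subjects.
     *
     * For any other attribute or subject the voter does not take part in the
     * decision.
     */
    protected function supports(string $attribute, mixed $subject): bool
    {
        // Strict comparison: only the exact attribute strings are accepted.
        return in_array($attribute, [self::EDIT, self::VIEW], true)
            && $subject instanceof Organisme;
    }

    /**
     * Grants or denies the attribute on the given organisme.
     *
     * @param mixed $organisme the subject; supports() has already checked that it is an Organisme
     *
     * @return bool true to grant access, false to deny
     */
    protected function voteOnAttribute(string $attribute, mixed $organisme, TokenInterface $token): bool
    {
        $user = $token->getUser();

        // No authenticated user on the token: deny.
        if (!$user instanceof UserInterface) {
            return false;
        }
        /** @var Utilisateur $user */
        /** @var Organisme $organisme */

        // NOTE(review): Security::isGranted() evaluates the token held in the
        // security context, not the $token argument. The two match during normal
        // request handling, but if this voter is ever run for another token the
        // role checks below would apply to the wrong user. Checking roles against
        // $token (AccessDecisionManagerInterface::decide()) removes that gap; it
        // needs a constructor change, so it is only flagged here.

        // Original author's note: ROLE_SUPERADMIN > ROLE_ADMIN, so super-admins
        // pass this check too. The role hierarchy is configured outside this file.
        if ($this->security->isGranted('ROLE_ADMIN')) {
            return true;
        }

        switch ($attribute) {
            // VIEW and EDIT deliberately share one rule: anyone allowed to see an
            // organisme through the checks below may also modify it.
            case self::EDIT:
            case self::VIEW:
                // Ownership is compared by object identity, so it only matches when
                // the token's user and the entity relation are the same instance
                // (presumably both managed by the same entity manager; confirm).
                // A mismatch denies access rather than granting it.
                if (
                    $this->security->isGranted('ROLE_GROUPE')
                    && $organisme->getGroupe()?->getRepresentantLegal() === $user
                ) {
                    return true;
                }

                if (
                    $this->security->isGranted('ROLE_ORGANISME')
                    && $organisme->getRepresentantLegal() === $user
                ) {
                    return true;
                }

                break;
        }

        // Deny by default.
        return false;
    }
}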