src/Security/Voter/PrelevementVoter.php line 11
<?phpnamespace App\Security\Voter;use App\Entity\Utilisateur;use Symfony\Bundle\SecurityBundle\Security;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\User\UserInterface;class PrelevementVoter extends Voter{private $security;public const EDIT = 'PRELEVEMENT_EDIT';public const VIEW = 'PRELEVEMENT_VIEW';public function __construct(Security $security){$this->security = $security;}protected function supports(string $attribute, mixed $subject): bool{// replace with your own logic// https://symfony.com/doc/current/security/voters.htmlreturn in_array($attribute, [self::EDIT, self::VIEW])&& $subject instanceof \App\Entity\Prelevement;}protected function voteOnAttribute(string $attribute, mixed $prelevement, TokenInterface $token): bool{/** @var Utilisateur $user */$user = $token->getUser();// if the user is anonymous, do not grant accessif (!$user instanceof UserInterface) {return false;}// ROLE_SUPERADMIN > ROLE_ADMINif ($this->security->isGranted('ROLE_ADMIN')) {return true;}/** @var Prelevement $prelevement */// ... (check conditions and return true to grant permission) ...switch ($attribute) {case self::EDIT:case self::VIEW:// logic to determine if the user can EDIT or VIEW// return true or falseif ($this->security->isGranted('ROLE_GROUPE') &&$prelevement->getBassin()->getEtablissement()->getOrganisme()->getGroupe() &&$user->getGroupesRepresentantLegal()->contains($prelevement->getBassin()->getEtablissement()->getOrganisme()->getGroupe())) {return true;}if ($this->security->isGranted('ROLE_ORGANISME') &&$user->getOrganismesRepresentantLegal()->contains($prelevement->getBassin()->getEtablissement()->getOrganisme())) {return true;}if ($this->security->isGranted('ROLE_ETABLISSEMENT') &&$user->getEtablissementsResponsable()->contains($prelevement->getBassin()->getEtablissement())) {return true;}if ($this->security->isGranted('ROLE_OPERATEUR')) {foreach ($user->getTaches() as $tachesBassin) {if ($tachesBassin->getBassin() === $prelevement->getBassin() &&$tachesBassin->isPrelevement()) {return true;}}}break;}return false;}}