<?php
namespace App\Security\Authorization\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
class MassQueryVoter implements VoterInterface
{
const GENERATE = 'GENERATE';
const LIST = 'LIST';
public function supportsAttribute($attribute)
{
return in_array($attribute, array(
self::GENERATE,
self::LIST,
));
}
public function supportsClass($class)
{
$supportedClass = 'MassQuery';
if (is_string($class)) {
if ($class === $supportedClass) {
return true;
} else {
return false;
}
}
if(is_null($class)) {
return true;
}
return $supportedClass === get_class($class) || is_subclass_of(get_class($class), $supportedClass);
}
public function vote(TokenInterface $token, $entity, array $attributes)
{
$user = $token->getUser();
if (!is_object($user)) {
return VoterInterface::ACCESS_DENIED;
}
if (!$this->supportsClass($entity)) {
return VoterInterface::ACCESS_ABSTAIN;
}
$attribute = $attributes[0];
if(is_array($attribute)) {
$attribute = $attribute[0];
};
if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
return VoterInterface::ACCESS_GRANTED;
}
return VoterInterface::ACCESS_DENIED;
}
}