<?phpnamespace App\Security\Voter;use App\Entity\Admission\Cabinet\Entrant;use App\Entity\Admission\Tickets\TicketOperator;use App\Service\Admission\Tickets\AutomaticTicketManager;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\User\UserInterface;class TicketVoter extends Voter{ const ATTRIBUTES = [ 'GO_ONLINE', 'CHANGE_USER_ACTIVITY', 'CHANGE_ROLE_ADMIN', 'CAN_APPLY' ]; private $automaticTicketManager; public function __construct(AutomaticTicketManager $automaticTicketManager) { $this->automaticTicketManager = $automaticTicketManager; } protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool { $user = $token->getUser(); $ticketOperator = $this->automaticTicketManager->getTicketOperator($user); switch ($attribute) { case 'GO_ONLINE': return $this->canChangeStatus($ticketOperator); break; case 'CHANGE_ROLE_ADMIN': case 'CHANGE_USER_ACTIVITY': return $this->canChangeUserActivity($user, $subject); break; case 'CAN_APPLY': return $this->canApply($user, $subject); break; } return false; } protected function supports($attribute, $subject) { if (in_array($attribute, self::ATTRIBUTES)) { return true; } return false; } protected function canApply($user, $application) { if ($user instanceof Entrant) { if ($user->getApplications()->contains($application)) { return true; } } return false; } protected function canChangeStatus($ticketOperator) { if ($ticketOperator) { return $ticketOperator instanceof TicketOperator; } return false; } protected function canChangeUserActivity($user, $subject) { if ($subject instanceof UserInterface) { return !($subject->getId() == $user->getId()); } return true; }}