<?phpnamespace LiteDesk\FinanceBundle\Security\Authorization;use LiteDesk\UserBundle\Entity\User;use LiteDesk\FinanceBundle\Entity\DutyTravelOrder;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\AbstractVoter;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\User\AdvancedUserInterface;use JMS\DiExtraBundle\Annotation\Service;use JMS\DiExtraBundle\Annotation\Tag;/** * @Service("security.access.duty_travel_voter", public=false) * @Tag("security.voter") */class DutyTravelVoter extends Voter{ const VIEW = 'VIEW'; const EDIT = 'EDIT'; const PROMOTE = 'PROMOTE'; const DEMOTE = 'DEMOTE'; const DELETE = 'DELETE'; const TEMPLATE = 'TEMPLATE'; protected function supports($attribute, $subject) { if(!in_array($attribute, $this->getSupportedAttributes())) { return false; } if(!($subject instanceof DutyTravelOrder)) { return false; } return true; } protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user = $token->getUser(); /* @var $dutyTravelOrder DutyTravelOrder */ // make sure there is a user object (i.e. that the user is logged in) if (!$user instanceof AdvancedUserInterface) { return false; } // double-check that the User object is the expected entity (this // only happens when you did not configure the security system properly) if (!$user instanceof User) { throw new \LogicException('The user is somehow not our User class!'); } switch($attribute) { case self::VIEW: return $subject->getAuthor()->getId() == $user->getId(); break; case self::EDIT: return $subject->getAuthor()->getId() == $user->getId(); break; case self::DELETE: return $subject->getAuthor()->getId() == $user->getId(); break; case self::TEMPLATE: return $subject->getAuthor()->getId() == $user->getId(); break; } return false; } protected function getSupportedAttributes() { return array(self::VIEW, self::EDIT, self::PROMOTE, self::DELETE, self::DEMOTE, self::TEMPLATE); }}