<?php
namespace App\Http\Customer\Voter;
use App\Domain\Project\Entity\Annotation;
use App\Domain\Project\Entity\Project;
use App\Domain\User\Entity\User;
use JetBrains\PhpStorm\Pure;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
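/**
 * Security voter that decides whether the current user may view or edit a Project.
 *
 * Access is granted when the project and the user reference the same company
 * object, or when the user has ROLE_ADMIN. Every other case is denied.
 */
class ProjectVoter extends Voter
{
    public const VIEW = 'VIEW_PROJECT';
    public const EDIT = 'EDIT_PROJECT';

    /**
     * Casts the vote for an attribute accepted by supports().
     *
     * @param string         $attribute One of self::VIEW or self::EDIT.
     * @param mixed          $subject   Object being protected; anything other than a Project is denied.
     * @param TokenInterface $token     Security token of the current request.
     *
     * @return bool True to grant access, false to deny.
     */
    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
    {
        // supports() only filters on the attribute, so the subject type is checked here.
        if (!$subject instanceof Project) {
            return false;
        }

        // getUser() returns null for a token without a user and may return another
        // UserInterface implementation. Deny explicitly instead of letting the typed
        // parameter of canViewProject() raise a TypeError during the access decision.
        $user = $token->getUser();
        if (!$user instanceof User) {
            return false;
        }

        return match ($attribute) {
            // NOTE(review): EDIT is authorized by exactly the same rule as VIEW.
            // Confirm that read access is meant to imply write access.
            self::VIEW, self::EDIT => $this->canViewProject($subject, $user),
            default => false,
        };
    }

    /**
     * Tells whether the user belongs to the project's company or is an administrator.
     *
     * NOTE(review): if getCompany() can return null on both sides, the identity
     * comparison is true for a company-less user and a company-less project.
     * Confirm both are always set, or add an explicit null check.
     */
    private function canViewProject(Project $project, User $user): bool
    {
        return $project->getCompany() === $user->getCompany() || $user->hasRole('ROLE_ADMIN');
    }

    /**
     * Restricts this voter to the attributes it defines; all others make it abstain.
     */
    protected function supports(string $attribute, mixed $subject): bool
    {
        // Strict comparison: attribute names are matched without type juggling.
        return in_array($attribute, [self::VIEW, self::EDIT], true);
    }
}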