src/Security/Voter/Resource/AdminGroupVoter.php line 12
<?phpnamespace App\Security\Voter\Resource;use Symfony\Component\Security\Core\Authorization\Voter\Voter,Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface,Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use App\Entity\AdminGroup,App\Lib\Actions,App\Lib\Roles;final class AdminGroupVoter extends Voter{const VOTABLE_ATTRIBUTES = [Actions::VIEW,Actions::EDIT,Actions::DELETE];private AuthorizationCheckerInterface $authorizationChecker;public function __construct(AuthorizationCheckerInterface $authorizationChecker){$this->authorizationChecker = $authorizationChecker;}protected function supports($attribute, $subject): bool{if (! $subject instanceof AdminGroup|| ! in_array($attribute, self::VOTABLE_ATTRIBUTES)) {return false;}return true;}protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool{if (Actions::VIEW === $attribute) {return true;}if ($this->isSubjectCurrentGroup($subject, $token)) {return false;}if ($this->isSubjectAccessable($subject)) {return true;}return false;}private function isSubjectCurrentGroup(AdminGroup $subject, TokenInterface $token): bool{/** @var Admin */$current = $token->getUser();if ($current->getGroup()->getUuid() !== $subject->getUuid()) {return false;}return true;}private function isSubjectAccessable(AdminGroup $subject): bool{if ($this->authorizationChecker->isGranted(Roles::ROLE_OPENFORM)) {return true;}return ! $subject->getIsOpenform();}}