bundles/BackofficeBundle/Security/Authorization/Voter/SalerecordVoter.php line 13

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Bdm\BackofficeBundle\Security\Authorization\Voter;
  7. use Bdm\OAuth2Bundle\Entity\AccessToken;
  8. use Bdm\PublicApiBundle\Entity\Salerecord;
  9. use Doctrine\ORM\EntityManager;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. class SalerecordVoter extends Voter
  14. {
  15. const VIEW = 'VIEW';
  17. /**
  18. * @param EntityManager $oEntityManager entity manager
  19. */
  20. public function __construct(
  21. private readonly EntityManager $oEntityManager
  22. ) {
  23. }
  26. /**
  27. * @param string $sAttribute attribute
  28. * @param mixed $oSubject subject
  29. * @return bool
  30. */
  31. public function supports($sAttribute, $oSubject)
  32. {
  33. if (!in_array($sAttribute, [self::VIEW])) {
  34. return false;
  35. }
  37. if (!$oSubject instanceof Salerecord) {
  38. return false;
  39. }
  41. return true;
  42. }
  44. /**
  45. * @param string $sAttribute attribute
  46. * @param Salerecord $oSalerecord Salerecord
  47. * @param TokenInterface $oToken token
  48. *
  49. * @return bool
  50. */
  51. public function voteOnAttribute($sAttribute, $oSalerecord, TokenInterface $oToken)
  52. {
  53. $oAccessToken = $this->oEntityManager
  54. ->getRepository(AccessToken::class)
  55. ->findOneBy(['token' => $oToken->getToken()]);
  56. $oMerchant = $oAccessToken->getClient()->getMerchant();
  58. return $oMerchant == $oSalerecord->getSeller()->getApplication()->getMerchant();
  59. }
  60. }