<?php
declare(strict_types=1);
namespace Bdm\CheckoutBundle\Security\Voter;
use Bdm\BackofficeBundle\Entity\Application;
use FOS\OAuthServerBundle\Entity\AccessTokenManager;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
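/**
 * Authorization voter for the APPLICATION_OWNER attribute.
 *
 * Grants access to an Application only when the merchant behind the OAuth
 * access token of the current request is the merchant that owns the
 * application. Every lookup that cannot be resolved is treated as a denial,
 * so the voter fails closed instead of raising an error part-way through an
 * authorization decision.
 */
class ApplicationOwnerVoter extends Voter
{
    const APPLICATION_OWNER = 'APPLICATION_OWNER';

    protected \FOS\OAuthServerBundle\Entity\AccessTokenManager $oTokenManager;

    protected \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface $oTokenStorage;

    /**
     * @param AccessTokenManager    $oTokenManager resolves a raw access-token string to its stored token
     * @param TokenStorageInterface $oTokenStorage holds the security token of the current request
     */
    public function __construct(
        AccessTokenManager $oTokenManager,
        TokenStorageInterface $oTokenStorage
    ) {
        $this->oTokenManager = $oTokenManager;
        $this->oTokenStorage = $oTokenStorage;
    }

    /**
     * Tells whether this voter handles the given attribute/subject pair.
     *
     * @param string $sAttribute attribute being voted on
     * @param mixed  $oSubject   subject being voted on
     *
     * @return bool true only for APPLICATION_OWNER on an Application instance
     */
    public function supports($sAttribute, $oSubject)
    {
        return $sAttribute === self::APPLICATION_OWNER
            && $oSubject instanceof Application;
    }

    /**
     * Decides whether the merchant behind the current access token owns the application.
     *
     * The decision is made from the token held in the token storage; the
     * $oToken argument is not consulted.
     *
     * @param string         $sAttribute   attribute being voted on
     * @param mixed          $oApplication application whose ownership is checked
     * @param TokenInterface $oToken       token supplied by the access decision manager (unused)
     *
     * @return bool true when both merchants are resolved and share the same non-null id
     */
    public function voteOnAttribute($sAttribute, $oApplication, TokenInterface $oToken)
    {
        // The method is public, so it can be reached without supports() having
        // vetted the subject; anything that is not an Application is denied.
        if (!$oApplication instanceof Application) {
            return false;
        }

        // The storage is empty when no authentication happened, and only
        // OAuth-style tokens expose getToken(); deny in both cases rather than
        // dereferencing null or calling a method the token does not have.
        $oCurrentToken = $this->oTokenStorage->getToken();
        if ($oCurrentToken === null || !method_exists($oCurrentToken, 'getToken')) {
            return false;
        }

        $mTokenValue = $oCurrentToken->getToken();
        if (!is_string($mTokenValue) || $mTokenValue === '') {
            return false;
        }

        // An unknown or already-deleted token yields no stored access token.
        // NOTE(review): expiry is not checked here; presumably the firewall
        // has already rejected expired tokens - confirm.
        $oAccessToken = $this->oTokenManager->findTokenByToken($mTokenValue);
        if ($oAccessToken === null) {
            return false;
        }

        $oClient = $oAccessToken->getClient();
        $oTokenMerchant = $oClient !== null ? $oClient->getMerchant() : null;
        $oOwnerMerchant = $oApplication->getMerchant();
        if ($oTokenMerchant === null || $oOwnerMerchant === null) {
            return false;
        }

        // Two merchants without an id would compare as null === null and be
        // granted ownership; a missing id on either side is therefore a denial.
        $mTokenMerchantId = $oTokenMerchant->getId();
        $mOwnerMerchantId = $oOwnerMerchant->getId();
        if ($mTokenMerchantId === null || $mOwnerMerchantId === null) {
            return false;
        }

        return $mOwnerMerchantId === $mTokenMerchantId;
    }
}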