bundles/PublicApiBundle/Security/Authorization/Voter/StoredFileVoter.php line 13

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Bdm\PublicApiBundle\Security\Authorization\Voter;
  7. use Bdm\OAuth2Bundle\Entity\AccessToken;
  8. use Bdm\PublicApiBundle\Entity\StoredFile;
  9. use Doctrine\ORM\EntityManager;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. class StoredFileVoter extends Voter
  14. {
  15. const VIEW = 'VIEW';
  17. public function __construct(private readonly EntityManager $oEntityManager)
  18. {
  19. }
  22. /**
  23. * @param string $sAttribute attribute
  24. * @param mixed $oSubject subject
  25. * @return bool
  26. */
  27. public function supports($sAttribute, $oSubject)
  28. {
  29. if (!in_array($sAttribute, [self::VIEW])) {
  30. return false;
  31. }
  33. if (!$oSubject instanceof StoredFile) {
  34. return false;
  35. }
  37. return true;
  38. }
  40. /**
  41. * @param string $sAttribute attribute
  42. * @param StoredFile $oStoredFile VerificationDocument
  43. * @param TokenInterface $oToken token
  44. *
  45. * @return bool
  46. */
  47. public function voteOnAttribute($sAttribute, $oStoredFile, TokenInterface $oToken)
  48. {
  49. $oAccessToken = $this->oEntityManager
  50. ->getRepository(AccessToken::class)
  51. ->findOneBy(['token' => $oToken->getToken()]);
  52. $oMerchant = $oAccessToken->getClient()->getMerchant();
  54. return $oMerchant == $oStoredFile->getMerchant();
  55. }
  56. }