<?phpnamespace App\Security\Voter;use App\Entity\Admin;use App\Service\PermissionService;use Doctrine\ORM\EntityManagerInterface;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;class AdminVoter extends Voter{ const VIEW = 'view'; const ADD = 'add'; const EDIT = 'edit'; const DELETE = 'delete'; const PERMISSION = 'permission'; private $security; private $entityManager; public function __construct(Security $security, EntityManagerInterface $entityManager) { $this->security = $security; $this->entityManager = $entityManager; } public function supports($attribute, $subject): bool { if(!in_array($attribute, [self::DELETE, self::ADD, self::VIEW, self::EDIT, self::PERMISSION])){ return false; } if($attribute !== self::VIEW && !$subject instanceof Admin){ return false; } return true; } public function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user = $token->getUser(); if(!$user instanceof Admin){ return false; } if($this->security->isGranted('ROLE_SUPERADMIN')) { return true; } $service = new PermissionService($this->entityManager); $permissions = $service->getUserPermissions($user); switch($attribute){ case self::VIEW: if(in_array("admin", $permissions)){ return true; } return false; break; case self::DELETE: if(in_array("admin_delete", $permissions)){ return true; } return false; break; case self::ADD: if(in_array("admin_add", $permissions)){ return true; } return false; break; case self::EDIT: if(in_array("admin_edit", $permissions)){ return true; } if($subject->getId() == $user->getId()){ return true; } return false; break; case self::PERMISSION: if(in_array("admin_permissions", $permissions)){ return true; } return false; break; } return false; }}