<?phpnamespace App\Security\Voter;use App\Entity\Admin;use App\Entity\Employee;use App\Service\PermissionService;use Doctrine\ORM\EntityManagerInterface;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;class EmployeeVoter extends Voter{ const VIEW = "view"; const MANAGE = "manage"; private $security; private $entityManager; public function __construct(Security $security, EntityManagerInterface $entityManager) { $this->security = $security; $this->entityManager = $entityManager; } public function supports($attribute, $subject) { if(!in_array($attribute, [self::VIEW, self::MANAGE])){ return false; } if($attribute == self::MANAGE && !$subject instanceof Employee){ return false; } return true; } public function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user = $token->getUser(); if(!$user instanceof Admin){ return false; } if($this->security->isGranted('ROLE_SUPERADMIN')){ return true; } $service = new PermissionService($this->entityManager); $permissions = $service->getUserPermissions($user); switch($attribute){ case self::MANAGE: if(in_array("employee_manage", $permissions)){ return true; } return false; break; } return false; }}