src/Security/Voter/ProductVoter.php line 10

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Product;
  6. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  7. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  8. use Symfony\Component\Security\Core\User\UserInterface;
  10. class ProductVoter extends Voter
  11. {
  12.     protected function supports($attribute$subject)
  13.     {
  14.         // replace with your own logic
  15.         // https://symfony.com/doc/current/security/voters.html
  16.         return in_array($attribute, ['PRODUCT_EDIT'])
  17.             && $subject instanceof Product;
  18.     }
  20.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  21.     {
  22.         $user $token->getUser();
  23.         // if the user is anonymous, do not grant access
  24.         if (!$user instanceof UserInterface) {
  25.             return false;
  26.         }
  28.         // ... (check conditions and return true to grant permission) ...
  29.         switch ($attribute) {
  30.             /** @var $subject Product */
  31.             case 'PRODUCT_EDIT':
  32.                 if ($user === $subject->getOwner()) {
  33.                     return true;
  34.                 }
  35.                 break;
  36.         }
  38.         return false;
  39.     }
  40. }