src/Bundles/UserBundle/Security/Voter/UserVoter.php line 17

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Bundles\UserBundle\Security\Voter;
  7. use App\Bundles\OrganizationBundle\Enum\UserOrganizationResponsibleLevelEnum;
  8. use App\Bundles\OrganizationBundle\Exception\UserOrganizationNotFoundException;
  9. use App\Bundles\OrganizationBundle\Service\UserOrganization\UserOrganizationProvider;
  10. use App\Bundles\OrganizationBundle\Service\UserOrganization\UserOrganizationResponsibleLevelResolver;
  11. use App\Bundles\UserBundle\Entity\User;
  12. use App\Bundles\UserBundle\Enum\SystemPermissionEnum;
  13. use App\Bundles\UserBundle\Repository\UserRepository;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  17. class UserVoter extends Voter
  18. {
  19.     public function __construct(
  20.         private readonly UserOrganizationProvider $userOrganizationProvider,
  21.         private readonly UserOrganizationResponsibleLevelResolver $levelResolver,
  22.         private readonly UserRepository $userRepository,
  23.     ) {
  24.     }
  26.     protected function supports(string $attribute$subject): bool
  27.     {
  28.         return $attribute === SystemPermissionEnum::SPECIFIC_USER_VIEW->value;
  29.     }
  31.     /** @param User $subject
  32.      * @throws UserOrganizationNotFoundException
  33.      */
  34.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  35.     {
  36.         if (
  37.             $this->levelResolver->resolve() === UserOrganizationResponsibleLevelEnum::NATIONAL_LEVEL->value
  38.         ) {
  39.             return true;
  40.         }
  42.         return $this->userRepository->withinAvailableOrganization(
  43.             $subject,
  44.             $this->userOrganizationProvider->provideFromSession()->getOrganization()
  45.         );
  46.     }
  47. }