<?phpnamespace App\Security\Voter\Garages;use App\Entity\Garages\GarageSearchConfig;use App\Entity\User;use App\Enum\UserRolesEnum;use App\Enum\VotersEnum;use LogicException;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;class GarageSearchConfigVoter extends Voter{ private Security $security; private array $voters; public function __construct(Security $security) { $this->security = $security; $this->voters = [ VotersEnum::CONFIG_GARAGE_SEARCH, ]; } protected function supports(string $attribute, $subject): bool { // first check the $subject and last if the $attribute is supported, // because there are attributes (with subject) used as well by other voters (like UPDATE, ...) if ($subject && !$subject instanceof GarageSearchConfig) { // only vote on these objects return false; } if (in_array($attribute, $this->voters)) { // if the attribute is one we support return true; } return false; } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool { $user = $token->getUser(); if (!$user instanceof User) { // the user must be logged in; if not, deny access return false; } switch ($attribute) { case VotersEnum::CONFIG_GARAGE_SEARCH: return $this->canConfig(); } throw new LogicException('This code should not be reached!'); } private function canConfig(): bool { return $this->isAdminUser(); } private function isAdminUser(): bool { return $this->security->isGranted(UserRolesEnum::ROLE_ADMIN_LONG); }}