<?php
namespace App\Security\Voter;
use App\Entity\ForumReponse;
use App\Entity\Sujetforum;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
class ForumVoter extends Voter
{
public const REPONSE_EDIT = 'FORUM_REPONSE_EDIT';
public const REPONSE_DELETE = 'FORUM_REPONSE_DELETE';
public const SUJET_EDIT = 'FORUM_SUJET_EDIT';
public const SUJET_DELETE = 'FORUM_SUJET_DELETE';
protected function supports(string $attribute, mixed $subject): bool
{
if ($subject instanceof ForumReponse) {
return \in_array($attribute, [self::REPONSE_EDIT, self::REPONSE_DELETE], true);
}
if ($subject instanceof Sujetforum) {
return \in_array($attribute, [self::SUJET_EDIT, self::SUJET_DELETE], true);
}
return false;
}
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
{
$user = $token->getUser();
if (!$user instanceof User) {
return false;
}
if ($subject instanceof ForumReponse) {
return $this->canManageReponse($subject, $user);
}
if ($subject instanceof Sujetforum) {
return $this->canManageSujet($subject, $user);
}
return false;
}
private function canManageReponse(ForumReponse $reponse, User $user): bool
{
if ($this->isForumModerator($user)) {
return true;
}
$owner = $reponse->getUser();
return null !== $owner && $owner->getId() === $user->getId();
}
private function canManageSujet(Sujetforum $sujet, User $user): bool
{
if ($this->isForumModerator($user)) {
return true;
}
$owner = $sujet->getUser();
return null !== $owner && $owner->getId() === $user->getId();
}
private function isForumModerator(User $user): bool
{
return \in_array('ROLE_ADMIN', $user->getRoles(), true);
}
}