<?phpnamespace App\Security;use App\Modules\Order\Entity\ProjectSale;use App\Entity\Project\Corporate\Corporate;use App\Entity\User;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;class ProjectSaleVoter extends Voter{ const ATTRIBUTES = [self::ATTR_POSTPAY]; const ATTR_POSTPAY = 'SALE_POSTPAY'; /** * Determines if the attribute and subject are supported by this voter. * * @param string $attribute An attribute * @param mixed $subject The subject to secure, e.g. an object the user wants to access or any other PHP type * * @return bool True if the attribute and subject are supported, false otherwise */ protected function supports($attribute, $subject) { return $subject instanceof ProjectSale && in_array($attribute, static::ATTRIBUTES); } /** * Perform a single access check operation on a given attribute, subject and token. * It is safe to assume that $attribute and $subject already passed the "supports()" method check. * * @param string $attribute * @param mixed $subject * @param TokenInterface $token * * @return bool */ protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { /** * @var \App\Modules\Order\Entity\ProjectSale $subject * @var User $user */ $user = $token->getUser(); switch ($attribute) { case static::ATTR_POSTPAY:// $vote = ($user === $subject->getClient() &&// ($subject->getProject() instanceof Corporate or $user->getFlexPayment())); $vote = $user === $subject->getClient(); break; default: $vote = false; } return $vote; }}