<?php
namespace App\Security\Voter;
use App\Enums\User\RolesType;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
class ReservationVoter extends Voter
{
public const VIEW = 'view';
public function __construct(
private RequestStack $requestStack
) {
}
protected function supports(string $attribute, $subject): bool
{
return in_array($attribute, [self::VIEW])
&& is_array($subject);
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$request = $this->requestStack->getCurrentRequest();
$backOfficeRoles = (new RolesType())->getBackOfficeRoles();
$user = $token->getUser();
if (!$user instanceof UserInterface) {
return false;
}
return match ($attribute) {
self::VIEW => (int) $subject['company_id'] === $user->getCompany()->getId() ||
in_array($request->attributes->get('userRole'), $backOfficeRoles),
default => false,
};
}
}