src/Security/Voter/Messenger/RecipientVoter.php line 15
<?phpnamespace App\Security\Voter\Messenger;use App\Entity\Messenger\Recipient;use App\Entity\Messenger\Message;use App\Entity\Admin\CustomerUser;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\User\UserInterface;use Doctrine\Persistence\ManagerRegistry;use Symfony\Bundle\SecurityBundle\Security;class RecipientVoter extends Voter{final public const EDIT = 'RMSG_ENTITY_EDIT';final public const VIEW = 'RMSG_ENTITY_VIEW';final public const DELETE = 'RMSG_ENTITY_DELETE';public function __construct(private readonly Security $security){}protected function supports(string $attribute, mixed $subject): bool{if(!in_array($attribute, [self::EDIT, self::VIEW, self::DELETE])){return false;}if (!$subject instanceof Recipient) {return false;}return true;}protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool{$user = $token->getUser();// if the user is anonymous, do not grant accessif (!$user instanceof UserInterface) {return false;}if (!$this->security->isGranted('ROLE_STAFF')){return false;}// ... (check conditions and return true to grant permission) ...return match($attribute) {self::VIEW => $this->canView($subject, $user),self::EDIT => $this->canEdit($subject),self::DELETE => $this->canDelete($subject, $user),default => throw new \LogicException('This code should not be reached!')};}private function canView(Recipient $entity, CustomerUser $user): bool{if($entity->isDeleted()){return false;}if ($entity->getStaff()->getId() == $user->getStaff()) {return true;}return false;}private function canEdit(?Recipient $entity): bool{if ($entity == null) {return true;}if ($entity->getStaff() == null) {return true;}return false;}private function canDelete(Recipient $entity, CustomerUser $user): bool{if ($entity->getStaff()->getId() == $user->getStaff()) {return true;}return false;}}