<?php/* * @since 1.0.0 * @copyright Copyright (C) 2020 ArtMedia. All rights reserved. * @website http://artmedia.biz.pl * @author Arkadiusz Tobiasz * @email kontakt@artmedia.biz.pl */namespace App\Security\Voter;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;use Symfony\Component\Security\Core\User\UserInterface;use App\Settings\SettingsManager;use Doctrine\ORM\EntityManagerInterface;class ModeratorVoter extends Voter{ private $security; private $settingsManager; public function __construct( Security $security, SettingsManager $settingsManager ) { $this->security = $security; $this->settingsManager = $settingsManager; } protected function supports($attribute, $subject) { $actions = [ SettingsManager::ADMIN_VIEW_PRIVATE_FIELDS, SettingsManager::ADMIN_TOP_UP_BALANCE, SettingsManager::ADMIN_EDIT_USER, SettingsManager::ADMIN_EDIT_PROFILE, SettingsManager::ADMIN_PAYOUTS, ]; return in_array($attribute, ['ROLE_MODERATOR_PERMISSION']) && ( (is_array($subject) && count(array_intersect($subject, $actions))) || (is_string($subject) && in_array($subject, $actions)) ) ; } protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { $user = $token->getUser(); // if the user is anonymous, do not grant access if (!$user instanceof UserInterface) { return false; } if (!is_array($subject)) { $actions = [ $subject, ]; } else { $actions = $subject; } $configs = $this->settingsManager->get($actions, true); $groups = []; foreach ($configs as $item) { $item = json_decode($item, true); if ($item) { $groups = array_merge($groups, $item); } } if (!$groups) { return false; } array_unique($groups); // Allow if user match return count($user->getGroups($groups)) ? true : false; }}