Symfony Profiler

<?php
namespace App\Security\Voter;
use App\Entity\Part;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
use App\Entity\User;
use Symfony\Component\Security\Core\Security;
class PartVoter extends Voter
{
const VIEW ="ver";
const CREATE ="crear";
const EDIT ="editar";
const DELETE = "eliminar";
const IMPORT = "importar";
private $security;
public function __construct(Security $security)
{
$this->security = $security;
}
protected function supports($attribute, $subject)
{
// if the attribute isn't one we support, return false
if (!in_array($attribute, [self::VIEW, self::CREATE, self::EDIT, self::DELETE, self::IMPORT])) {
return false;
}
// only vote on `Part` objects
if (!$subject instanceof Part) {
return false;
}
return true;
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$admin = $token->getUser();
// if the user is anonymous, do not grant access
if (!$admin instanceof UserInterface) {
return false;
}
// ROLE_ADMIN can do anything! The power!
if ($this->security->isGranted('ROLE_ADMIN')) {
return true;
}
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case self::VIEW:
return $this->canView($subject, $admin);
case self::CREATE:
return $this->canCreate($subject,$admin);
case self::EDIT:
return $this->canEdit($subject, $admin);
case self::DELETE:
return $this->canDelete($subject, $admin);
case self::IMPORT:
return $this->canImport($subject, $admin);
}
return false;
}
private function canCreate($subject,User $admin)
{
if ( $admin->getRole() == 'ROLE_CHIEF' || $admin->getRole() == 'ROLE_USER' || (($admin->getRole() == 'ROLE_SUPPLIER_CHIEF' or $admin->getRole() == 'ROLE_SUPPLIER' ) && $subject->getType() == 2) ) {
return true;
}
return false;
}
private function canView(Part $part, User $admin)
{
if ( in_array($admin->getRole(),['ROLE_CHIEF','ROLE_USER','ROLE_CLIENT']) ) {
return $admin->getCompany() === $part->getCompany() ;
}else if ($admin->getRole() == 'ROLE_SUPPLIER_CHIEF' || $admin->getRole() == 'ROLE_SUPPLIER'){
return true;
} else if ($admin->getRole() == 'ROLE_LOCAL_ADMIN' ){
return true;
}
return false;
}
private function canEdit(Part $part, User $admin)
{
if ( $admin->getRole() == 'ROLE_CHIEF' || $admin->getRole() == 'ROLE_USER' || ($admin->getRole() == 'ROLE_SUPPLIER_CHIEF' && $part->getType() == 2) || $admin->getRole() == 'ROLE_LOCAL_ADMIN' || $admin->getRole() == 'ROLE_ADMIN' ) {
if($admin->getCompany() === $part->getCompany()) {
return true;
}
if($part->getType() == 2 && $part->getSupplier()->getCompany() === $admin->getCompany()) {
return true;
}
return $admin->getCompany() === $part->getCompany() ;
}
return false;
}
private function canDelete(Part $part, User $admin)
{
if ( $admin->getRole() == 'ROLE_CHIEF' || $admin->getRole() == 'ROLE_SUPPLIER_CHIEF') {
if($admin->getCompany() === $part->getCompany()) {
return true;
}
if($part->getSupplier()->getCompany() === $admin->getCompany() && $part->getType() == 2) {
return true;
}
}
return false;
}
private function canImport(Part $part, User $admin)
{
$cs = $admin->getCompany()->getLicenseCompany();
if($cs){
if($cs->getLicense()->getMassiveUpload()){
return true;
}
}
return false;
}
}

src/Security/Voter/PartVoter.php line 12