<?php
declare(strict_types=1);
namespace Harmonizely\CalendarAccount\Voter;
use Harmonizely\Model\CalendarAccountInterface;
use Harmonizely\Model\UserInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
final class CanAccessCalendarAccountVoter extends Voter
{
public const ACCESS = 'access';
protected function supports($attribute, $subject): bool
{
if (self::ACCESS !== $attribute) {
return false;
}
if (false === $subject instanceof CalendarAccountInterface) {
return false;
}
return true;
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
{
/** @var UserInterface $loggedInUser */
$loggedInUser = $token->getUser();
if (!$loggedInUser instanceof UserInterface) {
return false;
}
/** @var CalendarAccountInterface $subject */
$calendarAccountUser = $subject->getUser();
return $loggedInUser->getId() === $calendarAccountUser->getId();
}
}