<?php
declare(strict_types=1);
namespace App\Security\Voter;
use App\Entity\Consultation\Report;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
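/**
 * Access-control voter for the PDF views of a consultation Report.
 *
 * All five SHOW_*_PDF attributes are decided by the same rule: access is
 * granted to callers holding ROLE_NVC and to the user the report belongs to.
 * Everyone else is denied.
 */
class ReportPdfVoter extends Voter
{
    public const SHOW_REPORT_PDF = 'SHOW_REPORT_PDF';
    public const SHOW_ANSWER_PDF = 'SHOW_ANSWER_PDF';
    public const SHOW_REPORT_OLD_PDF = 'SHOW_REPORT_OLD_PDF';
    public const SHOW_ANSWER_OLD1_PDF = 'SHOW_ANSWER_OLD1_PDF';
    public const SHOW_ANSWER_OLD2_PDF = 'SHOW_ANSWER_OLD2_PDF';

    private AuthorizationCheckerInterface $authorizationChecker;

    /**
     * @param AuthorizationCheckerInterface $authorizationChecker Used for the ROLE_NVC check.
     */
    public function __construct(AuthorizationCheckerInterface $authorizationChecker)
    {
        $this->authorizationChecker = $authorizationChecker;
    }

    /**
     * Reports whether this voter handles the given attribute/subject pair.
     *
     * @param string $attribute Attribute being checked.
     * @param mixed  $subject   Object the attribute is checked against.
     *
     * @return bool True only for a Report subject combined with one of the SHOW_*_PDF attributes.
     */
    protected function supports(string $attribute, $subject): bool
    {
        if (!$subject instanceof Report) {
            return false;
        }

        // Strict comparison: an attribute must match a constant exactly, with no type juggling.
        return in_array($attribute, [
            self::SHOW_REPORT_PDF,
            self::SHOW_ANSWER_PDF,
            self::SHOW_REPORT_OLD_PDF,
            self::SHOW_ANSWER_OLD1_PDF,
            self::SHOW_ANSWER_OLD2_PDF,
        ], true);
    }

    /**
     * Decides whether the token's user may view the report's PDFs.
     *
     * The attribute is not consulted here; every supported attribute gets the same decision.
     *
     * @param string         $attribute One of the SHOW_*_PDF constants.
     * @param mixed          $subject   Expected to be a Report (guaranteed by supports()).
     * @param TokenInterface $token     Security token of the caller.
     *
     * @return bool True to grant access, false to deny.
     */
    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
    {
        // Deny explicitly rather than assert(): assertions are compiled out when
        // zend.assertions is disabled, so they must not guard an access decision.
        if (!$subject instanceof Report) {
            return false;
        }

        // NVC accounts may view any report, whoever owns it.
        if ($this->authorizationChecker->isGranted('ROLE_NVC')) {
            return true;
        }

        $user = $token->getUser();
        if (!$user instanceof User) {
            // No application user on the token (e.g. not logged in): deny.
            return false;
        }

        // Ownership is decided by object identity. NOTE(review): this assumes the token
        // user and the report's user resolve to the same object instance; if they do
        // not, the result is a denial, never an unintended grant.
        return $user === $subject->getUser();
    }
}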