<?phpnamespace App\Security\Voter;use App\Entity\CommentTree;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use App\Entity\HomeworkResultComment;use App\Service\RoleCheckerService;class SubstrateVoter extends Voter{ public const SUBSTRATE_SHOW = 'SUBSTRATE_SHOW'; public const SUBSTRATE_SHOW_TREE = 'SUBSTRATE_SHOW_TREE'; private $security; public function __construct(RoleCheckerService $security) { $this->security = $security; } protected function supports($attribute, $subject) { return in_array($attribute, [self::SUBSTRATE_SHOW, self::SUBSTRATE_SHOW_TREE]); } /** * @var HomeworkResultComment|CommentTree $subject */ protected function voteOnAttribute($attribute, $subject, TokenInterface $token) { switch ($attribute) { case 'SUBSTRATE_SHOW': if($this->security->isGranted($subject->getAuthor(), 'ROLE_ADMIN') && $subject->getForEvaluation()){ return true; } break; case 'SUBSTRATE_SHOW_TREE': if($subject->getLevel() > 0) { return false; } if($this->security->isGranted($subject->getAuthor(), 'ROLE_ADMIN')) { return true; } $curator = $subject->getHomeworkResult()->getCurator(); if(!$curator) { $curator = $subject->getHomeworkResult()->getStudent()->getCurator(); } if(!$curator) return false; if($curator->getId() === $subject->getAuthor()->getId()){ return true; } break; } return false; }}