src/Security/Voters/Shop/OrderVoter.php line 13
<?phpdeclare(strict_types=1);namespace App\Security\Voters\Shop;use App\Entity\Shop\Order;use App\Enums\Operation;use App\Enums\Roles;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\CacheableVoterInterface;class OrderVoter implements CacheableVoterInterface{public function __construct(private readonly \Symfony\Bundle\SecurityBundle\Security $security,) {}public function supportsAttribute(string $attribute): bool{return Operation::match($attribute);}public function supportsType(string $subjectType): bool{return Order::class === $subjectType;}public function vote(TokenInterface $token, mixed $subject, array $attributes): int{return match ($attributes) {[Operation::READ->value] => $this->checkRead($token, $subject),[Operation::CREATE->value] => $this->checkCreate(),default => self::ACCESS_DENIED,};}private function checkCreate(): int{if ($this->security->isGranted(Roles::ROLE_USER)) {return self::ACCESS_GRANTED;}return self::ACCESS_DENIED;}private function checkRead(TokenInterface $token, Order $subject): int{if ($token->getUserIdentifier() === $subject->getBuyer()->getUserIdentifier()) {return self::ACCESS_GRANTED;}return self::ACCESS_DENIED;}}