Symfony Profiler

<?php
declare(strict_types=1);
namespace App\Security;
use App\Entity\System\Role;
use App\Manager\System\AdminAclManager;
use App\Service\SecurityService;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
class AdminAclVoter extends Voter
{
public const ALLOW_ADMIN_ACCESS = 'ALLOW_ADMIN_ACCESS';
private AdminAclManager $ACLManager;
private RequestStack $requestStack;
private SecurityService $securityService;
public function __construct(
AdminAclManager $ACLManager,
RequestStack $requestStack,
SecurityService $securityService
) {
$this->ACLManager = $ACLManager;
$this->requestStack = $requestStack;
$this->securityService = $securityService;
}
protected function supports($attribute, $subject): bool
{
return $attribute === self::ALLOW_ADMIN_ACCESS;
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$employee = $this->securityService->findSessionEmployee();
if (!$employee) {
return false;
}
if ($this->securityService->isGranted(Role::ROLE_EMPLOYEE_DEVELOPER)) {
return true;
}
if (is_string($subject)) {
$route = $subject;
} elseif ($subject instanceof Request) {
$route = $this->requestStack->getMainRequest()->get('_route');
} else {
return false;
}
$adminACL = $this->ACLManager->findOneBy(['route' => $route]);
if (!$adminACL) {
return false;
}
foreach ($adminACL->getRoles() as $role) {
if ($this->securityService->isGranted($role->getName(), $employee)) {
return true;
}
}
if ($adminACL->getEmployees()->contains($employee)) {
return true;
}
return false;
}
}

src/Security/AdminAclVoter.php line 15