<?phpnamespace App\Security;use App\Entity\System\Employee;use App\Entity\System\Order;use App\Entity\System\OrderStatus;use App\Entity\System\PaymentMethod;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;class OrderVoter extends Voter{ public const PUBLISH = 'publish'; public const CHECK_PAYPAL = 'publish'; /** * @param Order $subject */ protected function supports(string $attribute, $subject): bool { if (!(get_class($subject) === Order::class)) { return false; } return $this->supportsAttribute($attribute); } public function supportsAttribute(string $attribute): bool { $voter = new \ReflectionClass(__CLASS__); $allowedValues = $voter->getConstants(); if (!\array_key_exists($attribute, \array_flip($allowedValues))) { return false; } return true; } /** * @param Order $order */ protected function voteOnAttribute(string $attribute, $order, TokenInterface $token): bool { $user = $token->getUser(); if (!$user instanceof Employee) { return false; } switch ($attribute) { case self::PUBLISH: return $this->publishAllowed($order); case self::CHECK_PAYPAL: return $this->checkPayPal($order); default: throw new \LogicException('This code should not be reached!'); } } private function publishAllowed(Order $order): bool { return $order->getOrderStatus() !== OrderStatus::PROCESSING; } private function checkPayPal(Order $order): bool { if ($order->getPaypalPayerEmail() !== null || $order->getTransactionId() === null) { return false; } return $order->getPayment() === PaymentMethod::PAYMENT_METHOD_PAYPAL; }}