<?phpnamespace App\Security;use App\Entity\AppUser;use App\Entity\Employee;use App\Entity\RoleAction;use App\Entity\UserRole;use App\Utils\Consts;use Doctrine\ORM\EntityManagerInterface;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\Voter;use Symfony\Component\Security\Core\Security;use Symfony\Component\Security\Core\User\UserInterface;class VacationCentraleVoter extends Voter{ public const ACCEPTED = 'ACCEPTED'; public const REJECTED = 'REJECTED'; protected function supports(string $attribute, $subject): bool { // replace with your own logic // https://symfony.com/doc/current/security/voters.html return in_array($attribute, [self::ACCEPTED, self::REJECTED]) && $subject instanceof \App\Entity\Vacation; } private $entityManager; private $security; public function __construct(EntityManagerInterface $entityManager,Security $security) { $this->entityManager = $entityManager; $this->security = $security; } protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool { $userConnected = $token->getUser(); // if the user is anonymous, do not grant access if (!$userConnected instanceof AppUser) { return false; } $canSetActions = false; $isCentral = false; if ($this->entityManager->getRepository(RoleAction::class)->hasRoleAction($userConnected,'canSetActions')) { $canSetActions = true; } if ($this->entityManager->getRepository(RoleAction::class)->hasRoleAction($userConnected,'isCentrale')) { $isCentral = true; } switch ($attribute) { case self::REJECTED: case self::ACCEPTED: if($isCentral && $canSetActions){ return true; } break; } return false; }}