src/Security/Voter/SwitchToUserVoter.php line 9

  1. <?php
  3. namespace App\Security\Voter;
  5. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  6. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  7. use Symfony\Component\Security\Core\User\UserInterface;
  9. class SwitchToUserVoter extends Voter
  10. {
  11.     protected function supports($attribute$subject): bool
  12.     {
  13.         return in_array($attribute, ['CAN_SWITCH_USER'])
  14.             && $subject instanceof UserInterface;
  15.     }
  17.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  18.     {
  19.         $user $token->getUser();
  21.         if (!$user instanceof UserInterface || !$subject instanceof UserInterface) {
  22.             return false;
  23.         }
  24.         if ($subject->getCreator() != $user) {
  25.             $checkUserAncestor = function($userRecord) use (&$checkUserAncestor) {
  26.                 if ($userRecord->getCreator()) {
  27.                     return $checkUserAncestor($userRecord->getCreator());
  28.                 } else {
  29.                     return $userRecord;
  30.                 }
  31.             };
  32.             if ($checkUserAncestor($subject) == $user) {
  33.                 return true;
  34.             }
  35.             return $user->getControlling()->includes($subject);
  36.         }
  39.         return true;
  40.     }
  41. }