src/Platform/SecurityBundle/Security/Voter/SuperUserVoter.php line 10

Open in your IDE?
  1. <?php
  3. namespace Platform\SecurityBundle\Security\Voter;
  5. use Platform\SecurityBundle\Entity\Identity\Account;
  6. use Platform\SecurityBundle\Model\PlatformSubject;
  7. use Platform\SecurityBundle\Security\PlatformVoter;
  8. use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
  10. final class SuperUserVoter extends PlatformVoter
  11. {
  12.     /**
  13.      * {@inheritDoc}
  14.      */
  15.     protected function supports(
  16.         Account $account,
  17.         string $attribute,
  18.         ?PlatformSubject $subject null
  19.     ): bool
  20.     {
  21.         // skip checking internal stuff
  22.         if ($this->sentry->isInternalPermission($attribute)) {
  23.             return false;
  24.         }
  26.         // no reason to run this voter if the account is not a superuser...
  27.         return $account->getSpecialPermissions()->isSuperUser();
  28.     }
  30.     /**
  31.      * {@inheritdoc}
  32.      */
  33.     protected function poll(
  34.         Account $account,
  35.         string $permission,
  36.         ?PlatformSubject $subject null
  37.     ): int
  38.     {
  39.         return $account->getSpecialPermissions()->isSuperUser()
  40.             ? VoterInterface::ACCESS_GRANTED
  41.             VoterInterface::ACCESS_ABSTAIN;
  42.     }
  44.     /**
  45.      * {@inheritdoc}
  46.      */
  47.     protected function try(
  48.         Account $account,
  49.         string $permission
  50.     ): int
  51.     {
  52.         return $this->poll($account$permission);
  53.     }
  54. }