<?php
namespace App\Security\Voter;
use App\Service\PermissionService;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
/**
 * Security voter for attributes of the form "PERMISSION:module:action".
 *
 * The decision itself is delegated to PermissionService::hasPermission();
 * this class only checks the attribute shape and that a user is present.
 */
class PermissionVoter extends Voter
{
    // Attribute prefix; the methods below compare against the same literal text.
    public const PERMISSION = 'PERMISSION';

    public function __construct(
        private PermissionService $permissionService,
    ) {
    }

    /**
     * Claims every attribute that begins with "PERMISSION:".
     *
     * Only the prefix is checked here; the full three-part shape is
     * validated in voteOnAttribute(). $subject is not inspected.
     */
    protected function supports(string $attribute, mixed $subject): bool
    {
        return str_starts_with($attribute, 'PERMISSION:');
    }

    /**
     * Votes on a "PERMISSION:module:action" attribute.
     *
     * Returns false when the token carries no UserInterface user or when the
     * attribute does not split into exactly three colon-separated parts
     * starting with "PERMISSION". Otherwise returns whatever
     * PermissionService::hasPermission() reports for the user, module and action.
     */
    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
    {
        $account = $token->getUser();

        // No authenticated user on the token: deny.
        if (!($account instanceof UserInterface)) {
            return false;
        }

        $segments = explode(':', $attribute);

        // Anything other than exactly three parts is malformed: deny.
        if (count($segments) !== 3) {
            return false;
        }

        [$prefix, $module, $action] = $segments;

        // Re-check the prefix here rather than relying only on supports().
        if ($prefix !== 'PERMISSION') {
            return false;
        }

        // NOTE(review): empty segments (e.g. "PERMISSION:module:") still split
        // into three parts and are forwarded as empty strings; confirm that
        // PermissionService::hasPermission() denies them.
        return $this->permissionService->hasPermission($account, $module, $action);
    }
}