<?php
namespace App\Infrastructure\Security;
use App\Domain\Common\Entity\User;
use App\Domain\Common\Enum\UserTypeEnum;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
/**
 * Authorization voter for the diagnostic list and diagnostic export actions.
 *
 * The decision depends only on the authenticated user's type. The $subject
 * passed by the caller is never inspected, so this voter does not provide any
 * per-record (object-level) access control.
 * NOTE(review): if diagnostics must be restricted per owner or organisation,
 * that check has to be enforced elsewhere - confirm against the callers.
 */
class DiagnosticVoter extends Voter
{
    public const SHOW_DIAGNOSTIC_LIST = 'SHOW_DIAGNOSTIC_LIST';
    public const EXPORT_DIAGNOSTIC = 'EXPORT_DIAGNOSTIC';

    /**
     * Tells whether this voter handles the given attribute.
     *
     * Only the two attributes declared on this class are handled, and the
     * comparison is strict. The subject is ignored.
     *
     * @param string $attribute attribute being checked
     * @param mixed  $subject   unused
     *
     * @return bool true for SHOW_DIAGNOSTIC_LIST and EXPORT_DIAGNOSTIC, false otherwise
     */
    protected function supports(string $attribute, $subject): bool
    {
        return self::SHOW_DIAGNOSTIC_LIST === $attribute
            || self::EXPORT_DIAGNOSTIC === $attribute;
    }

    /**
     * Decides access from the type of the authenticated user.
     *
     * The method fails closed: a token that does not carry an application
     * User, a user type missing from the allow-list, and an unrecognised
     * attribute are all denied.
     *
     * @param string         $attribute one of the attributes declared on this class
     * @param mixed          $subject   unused
     * @param TokenInterface $token     security token of the current request
     *
     * @return bool true when access is granted
     */
    protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
    {
        $account = $token->getUser();
        if (!$account instanceof User) {
            // No application user behind the token: deny.
            return false;
        }

        // Explicit allow-list: a user type that is not listed here is denied.
        $allowedTypes = [
            UserTypeEnum::TYPE_ADMIN,
            UserTypeEnum::TYPE_OPAC_VALIDATEUR_N1,
            UserTypeEnum::TYPE_OPAC_VALIDATEUR_N2,
            UserTypeEnum::TYPE_OPAC_READ_ONLY,
            UserTypeEnum::TYPE_DIAGNOSTIQUEUR,
        ];

        $accountType = $account->getType();
        if (!\in_array($accountType, $allowedTypes, true)) {
            return false;
        }

        if (self::SHOW_DIAGNOSTIC_LIST === $attribute) {
            return true;
        }

        if (self::EXPORT_DIAGNOSTIC === $attribute) {
            // TYPE_DIAGNOSTIQUEUR may see the list but is excluded from export.
            return UserTypeEnum::TYPE_DIAGNOSTIQUEUR !== $accountType;
        }

        return false;
    }
}