<?php
namespace App\Security\Voter;
use App\Entity\AppTrainingUser;
use App\Entity\Establishment;
use App\Entity\Program;
use App\Entity\Session;
use App\Entity\User;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
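class IsOwnerVoter extends Voter
{
    /** The only attribute this voter answers; every other attribute is abstained from. */
    public const ATTRIBUTE = 'IS_DOCTOR_AND_OWNER';

    // NOTE(review): Symfony\Component\Security\Core\Security is deprecated since
    // Symfony 6.2 in favour of Symfony\Bundle\SecurityBundle\Security — confirm the
    // project's Symfony version before keeping this import.
    public function __construct(private readonly Security $security)
    {
    }

    /**
     * Supports only the IS_DOCTOR_AND_OWNER attribute, whatever the subject.
     *
     * The subject type is deliberately not filtered here: an unsupported subject
     * must yield a denial in voteOnAttribute(), not an abstention.
     */
    protected function supports(string $attribute, mixed $subject): bool
    {
        // Strict comparison: the attribute is a plain string, loose equality has no place here.
        return $attribute === self::ATTRIBUTE;
    }

    /**
     * Grants access when the authenticated user is a doctor (ROLE_DOCTOR) and
     * shares the subject's establishment.
     *
     * Supported subjects:
     *  - Session / Program: compared through their own establishment;
     *  - AppTrainingUser: compared through the establishment of its related User.
     *
     * Anonymous tokens, users that are not the application's User entity, a
     * missing establishment on either side, a non-doctor role, or any other
     * subject type all result in a denial (false) — never an exception.
     */
    protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
    {
        $user = $token->getUser();

        // Anonymous tokens carry no user: deny.
        if (!$user instanceof UserInterface) {
            return false;
        }

        // getEstablishment() exists only on the application's User entity. A
        // foreign UserInterface implementation (e.g. an in-memory user) must be
        // denied instead of triggering a fatal call to an undefined method.
        if (!$user instanceof User) {
            return false;
        }

        // Only doctors may be granted ownership-based access.
        if (!$this->security->isGranted('ROLE_DOCTOR')) {
            return false;
        }

        // Without an establishment on the current user, nothing can match.
        $userEstablishment = $user->getEstablishment();
        if (!$userEstablishment instanceof Establishment) {
            return false;
        }

        // Resolve the establishment the subject belongs to, or null when the
        // subject is unsupported or incompletely linked.
        $subjectEstablishment = match (true) {
            $subject instanceof Session,
            $subject instanceof Program => $subject->getEstablishment(),
            $subject instanceof AppTrainingUser => $subject->getUser() instanceof User
                ? $subject->getUser()->getEstablishment()
                : null,
            default => null,
        };

        // Identity comparison: presumably both entities are loaded through the
        // same Doctrine identity map so the same row is the same object — TODO
        // confirm; if not, compare identifiers instead.
        return $subjectEstablishment instanceof Establishment
            && $subjectEstablishment === $userEstablishment;
    }
}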