<?phpnamespace App\Security\Voter;use App\Entity\Account\User;use App\Entity\Channel\Channel;use App\Entity\Chat\Conversation;use App\Service\Account\UserService;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;class AdminVoter implements VoterInterface{ public function __construct( private UserService $userService ) {} public function vote(TokenInterface $token, $subject, array $attributes): int { if (!in_array('NIM_ADMIN', $attributes)) { return VoterInterface::ACCESS_ABSTAIN; } /** @var User $user */ $user = $token->getUser(); if ($subject instanceof Channel) { return $this->accessForChannel($subject, $user); } else if ($subject instanceof Conversation) { return $this->accessForConversation($subject, $user); } return VoterInterface::ACCESS_DENIED; } private function accessForConversation(Conversation $conversation, User $user): int { if ($this->userService->isAdminForConversation($user, $conversation)) { return VoterInterface::ACCESS_GRANTED; } return VoterInterface::ACCESS_DENIED; } private function accessForChannel(Channel $channel, User $user): int { if ($this->userService->isCoordinator($user, $channel)) { return VoterInterface::ACCESS_GRANTED; } $channelUserData = $user->getChannelUserDataByChannel($channel); if (!$channelUserData) { return VoterInterface::ACCESS_DENIED; } if ($channelUserData->isLearner() === false) { return VoterInterface::ACCESS_GRANTED; } return VoterInterface::ACCESS_DENIED; }}