<?phpnamespace App\Security\Voter\Scholar;use App\Entity\Scholar\PracticalCase\PracticalCaseUser;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;use Symfony\Component\Security\Core\Security;class PracticalCaseUserVoter implements VoterInterface{ const PERM_ASSIGNED = 'PERM_ASSIGNED'; public function __construct( private Security $security, ) { } public function vote(TokenInterface $token, $subject, array $attributes): int { if (!in_array(self::PERM_ASSIGNED, $attributes)) { return VoterInterface::ACCESS_ABSTAIN; } if (!$subject instanceof PracticalCaseUser) { return self::ACCESS_ABSTAIN; } $lastResponse = $subject->getPracticalCaseResponses()->last(); if (!$lastResponse) { return self::ACCESS_DENIED; } $assignee = $lastResponse->getAssignedTo(); if (null !== $assignee && $token->getUser() === $assignee) { return self::ACCESS_GRANTED; } return $this->security->isGranted('CHANNEL_USER_PERM_LESSON_SHOW', $subject->getPracticalCase()->getOwnerChannel()); }}