vendor/sulu/sulu/src/Sulu/Component/Security/Authorization/SecurityContextVoter.php line 22
<?php/** This file is part of Sulu.** (c) Sulu GmbH** This source file is subject to the MIT license that is bundled* with this source code in the file LICENSE.*/namespace Sulu\Component\Security\Authorization;use Sulu\Bundle\SecurityBundle\Entity\User;use Sulu\Component\Security\Authorization\AccessControl\AccessControlManagerInterface;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;/*** Checks the Sulu security.*/class SecurityContextVoter implements VoterInterface{/*** The permissions available, defined by config.** @var array*/private $permissions;/*** @var AccessControlManagerInterface*/private $accessControlManager;public function __construct(AccessControlManagerInterface $accessControlManager, $permissions){$this->accessControlManager = $accessControlManager;$this->permissions = $permissions;}public function supportsAttribute($attribute){return \in_array($attribute, \array_keys($this->permissions));}public function supportsClass($class){return SecurityCondition::class === $class || \is_subclass_of($class, SecurityCondition::class);}public function vote(TokenInterface $token, $object, array $attributes){/** @var User $user */$user = $token->getUser();if (!\is_object($object) ||!$this->supportsClass(\get_class($object))) {return VoterInterface::ACCESS_ABSTAIN;}$userPermissions = $this->accessControlManager->getUserPermissions($object, $user);if (0 === \count($userPermissions)) {return VoterInterface::ACCESS_DENIED;}// only if all attributes are granted the access is grantedforeach ($attributes as $attribute) {if (isset($userPermissions[$attribute]) && !$userPermissions[$attribute]) {return VoterInterface::ACCESS_DENIED;}}return VoterInterface::ACCESS_GRANTED;}}