<?php
namespace App\Voters;
use App\Entity\Person\Patient;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
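/**
 * Authorization voter for Patient records.
 *
 * Handles the VIEW, CREATE and EDIT attributes. Those constants and the
 * $decisionManager property are not declared in this class; presumably they
 * are inherited from OrganisationVoter (confirm against the parent).
 *
 * Every path that does not explicitly grant access ends in a denial.
 */
class PatientVoter extends OrganisationVoter
{
    /**
     * Tells the security layer whether this voter handles the attribute/subject pair.
     *
     * @param mixed $attribute permission being checked
     * @param mixed $subject   a Patient, or null for checks made without a concrete patient
     *
     * @return bool true for VIEW/CREATE/EDIT on a Patient or a null subject
     */
    protected function supports($attribute, $subject = null)
    {
        // Strict comparison: loose in_array() lets values such as 0 or true match
        // string constants on some PHP versions, which would make this voter
        // claim attributes it was never meant to decide on.
        if (!in_array($attribute, [self::VIEW, self::CREATE, self::EDIT], true)) {
            return false;
        }

        return $subject === null || $subject instanceof Patient;
    }

    /**
     * Decides whether the token's user may perform $attribute on $subject.
     *
     * @param mixed          $attribute one of self::VIEW, self::CREATE, self::EDIT
     * @param mixed          $subject   Patient or null (see supports())
     * @param TokenInterface $token     token of the current user
     *
     * @return bool true to grant, false to deny
     */
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
    {
        $user = $token->getUser();

        switch ($attribute) {
            case self::VIEW:
                // NOTE(review): VIEW is granted on the role alone; neither the
                // patient's clinic nor its organisation is compared with the
                // user's. If this attribute guards individual patient records
                // (not only the list page), a user holding the role can read
                // patients of other clinics. Confirm the scoping happens elsewhere.
                if ($this->decisionManager->decide($token, ['ROLE_SUB_PATIENT_LIST'])) {
                    return true;
                }
                break;

            case self::CREATE:
                if ($this->decisionManager->decide($token, ['ROLE_SUB_PATIENT_PROFILE'])) {
                    if (!$this->hasPatientAndUser($subject, $user)) {
                        return false;
                    }
                    if ($user->isSuperClinicAdmin()) {
                        // Super clinic admins are checked against the parent's VIEW
                        // rule on the patient's organisation rather than a clinic match.
                        return parent::voteOnAttribute(self::VIEW, $subject->getClinic()->getOrganisation(), $token);
                    }

                    // NOTE(review): if both getClinic() calls can return null, the
                    // identity comparison below grants access (null === null).
                    // Confirm that users reaching this point always have a clinic.
                    return $user->getClinic() === $subject->getClinic()
                        || $subject->getAllowedClinics()->contains($user->getClinic());
                }
                break;

            case self::EDIT:
                if ($this->decisionManager->decide($token, ['ROLE_SUB_PATIENT_RECORD'])) {
                    if (!$this->hasPatientAndUser($subject, $user)) {
                        return false;
                    }
                    if ($user->isSuperClinicAdmin()) {
                        return parent::voteOnAttribute(self::VIEW, $subject->getClinic()->getOrganisation(), $token);
                    }

                    // EDIT is narrower than CREATE: the "allowed clinics" list is
                    // not consulted, only the patient's own clinic.
                    // NOTE(review): same null === null caveat as in CREATE.
                    return $user->getClinic() === $subject->getClinic();
                }
                break;
        }

        return false;
    }

    /**
     * Guards the clinic-scoped checks against a missing patient or a non-object user.
     *
     * supports() accepts a null subject, and TokenInterface::getUser() is not
     * guaranteed to return a user object on every Symfony version. Without this
     * guard both cases end in a fatal "call to a member function" error instead
     * of a clean denial.
     *
     * @param mixed $subject subject passed to voteOnAttribute()
     * @param mixed $user    value returned by TokenInterface::getUser()
     *
     * @return bool true when $subject is a Patient and $user is an object
     */
    private function hasPatientAndUser($subject, $user)
    {
        return $subject instanceof Patient && is_object($user);
    }
}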