Allow to cache support status of voters

This should increase the performance a bit

src/Security/Voter/AttachmentVoter.php

@@ -47,6 +47,8 @@ use function in_array;
 
 final class AttachmentVoter extends Voter
 {
+    private const ALLOWED_ATTRIBUTES = ['read', 'view', 'edit', 'delete', 'create', 'show_private', 'show_history'];
+
     public function __construct(private readonly Security $security, private readonly VoterHelper $helper)
     {
     }
@@ -134,10 +136,20 @@ final class AttachmentVoter extends Voter
     {
         if (is_a($subject, Attachment::class, true)) {
             //These are the allowed attributes
-            return in_array($attribute, ['read', 'view', 'edit', 'delete', 'create', 'show_private', 'show_history'], true);
+            return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
         }
 
         //Allow class name as subject
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, Attachment::class, true);
+    }
 }

src/Security/Voter/GroupVoter.php

@@ -62,4 +62,14 @@ final class GroupVoter extends Voter
 
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return $this->helper->isValidOperation('groups', $attribute);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, Group::class, true);
+    }
 }

src/Security/Voter/HasAccessPermissionsVoter.php

@@ -51,4 +51,9 @@ final class HasAccessPermissionsVoter extends Voter
     {
         return $attribute === self::ROLE;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return $attribute === self::ROLE;
+    }
 }

src/Security/Voter/ImpersonateUserVoter.php

@@ -47,4 +47,14 @@ final class ImpersonateUserVoter extends Voter
     {
         return $this->helper->isGranted($token, 'users', 'impersonate');
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return $attribute === 'CAN_SWITCH_USER';
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return is_a($subjectType, User::class, true);
+    }
 }

src/Security/Voter/LabelProfileVoter.php

@@ -78,4 +78,14 @@ final class LabelProfileVoter extends Voter
 
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return isset(self::MAPPING[$attribute]);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return is_a($subjectType, LabelProfile::class, true);
+    }
 }

src/Security/Voter/LogEntryVoter.php

@@ -85,4 +85,14 @@ final class LogEntryVoter extends Voter
 
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, static::ALLOWED_OPS, true);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return is_a($subjectType, AbstractLogEntry::class, true);
+    }
 }

src/Security/Voter/OrderdetailVoter.php

@@ -90,4 +90,14 @@ final class OrderdetailVoter extends Voter
 
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, self::ALLOWED_PERMS, true);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, Orderdetail::class, true);
+    }
 }

src/Security/Voter/ParameterVoter.php

@@ -47,6 +47,8 @@ use Symfony\Component\Security\Core\Authorization\Voter\Voter;
 final class ParameterVoter extends Voter
 {
 
+    private const ALLOWED_ATTRIBUTES = ['read', 'edit', 'delete', 'create', 'show_history', 'revert_element'];
+
     public function __construct(private readonly Security $security, private readonly VoterHelper $helper)
     {
     }
@@ -113,10 +115,21 @@ final class ParameterVoter extends Voter
     {
         if (is_a($subject, AbstractParameter::class, true)) {
             //These are the allowed attributes
-            return in_array($attribute, ['read', 'edit', 'delete', 'create', 'show_history', 'revert_element'], true);
+            return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
         }
 
         //Allow class name as subject
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, self::ALLOWED_ATTRIBUTES, true);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, AbstractParameter::class, true);
+    }
+
 }

src/Security/Voter/PartLotVoter.php

@@ -101,4 +101,14 @@ final class PartLotVoter extends Voter
 
         return false;
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, self::ALLOWED_PERMS, true);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, PartLot::class, true);
+    }
 }

src/Security/Voter/PartVoter.php

@@ -56,4 +56,14 @@ final class PartVoter extends Voter
         //Null concealing operator means, that no
         return $this->helper->isGranted($token, 'parts', $attribute);
     }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return $this->helper->isValidOperation('parts', $attribute);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return is_a($subjectType, Part::class, true);
+    }
 }

src/Security/Voter/PermissionVoter.php

@@ -47,6 +47,12 @@ final class PermissionVoter extends Voter
         return $this->helper->isGranted($token, $perm, $op);
     }
 
+    public function supportsAttribute(string $attribute): bool
+    {
+        //Check if the attribute has the form '@permission.operation'
+        return preg_match('#^@\\w+\\.\\w+$#', $attribute) === 1;
+    }
+
     /**
      * Determines if the attribute and subject are supported by this voter.
      *

src/Security/Voter/PricedetailVoter.php

@@ -87,4 +87,14 @@ final class PricedetailVoter extends Voter
 
         return false;
     }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, Pricedetail::class, true);
+    }
+
+    public function supportsAttribute(string $attribute): bool
+    {
+        return in_array($attribute, self::ALLOWED_PERMS, true);
+    }
 }

src/Security/Voter/StructureVoter.php

@@ -76,6 +76,11 @@ final class StructureVoter extends Voter
         return false;
     }
 
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || $this->instanceToPermissionName($subjectType) !== null;
+    }
+
     /**
      * Maps an instance type to the permission name.
      *

src/Security/Voter/UserVoter.php

@@ -60,6 +60,16 @@ final class UserVoter extends Voter
         return false;
     }
 
+    public function supportsAttribute(string $attribute): bool
+    {
+        return $this->helper->isValidOperation('users', $attribute) || $this->helper->isValidOperation('self', $attribute);
+    }
+
+    public function supportsType(string $subjectType): bool
+    {
+        return $subjectType === 'string' || is_a($subjectType, User::class, true);
+    }
+
     /**
      * Similar to voteOnAttribute, but checking for the anonymous user is already done.
      * The current user (or the anonymous user) is passed by $user.