hasAttribute(DavTokenAuthenticationEventSubscriber::STORED_OBJECT) || $subject->getUuid()->toString() !== $token->getAttribute(DavTokenAuthenticationEventSubscriber::STORED_OBJECT) ) { return false; } if (!$token->hasAttribute(DavTokenAuthenticationEventSubscriber::ACTIONS)) { return false; } $askedRole = StoredObjectRoleEnum::from($attribute); $tokenRoleAuthorization = $token->getAttribute(DavTokenAuthenticationEventSubscriber::ACTIONS); return match ($askedRole) { StoredObjectRoleEnum::SEE => $tokenRoleAuthorization === StoredObjectRoleEnum::EDIT || $tokenRoleAuthorization === StoredObjectRoleEnum::SEE, StoredObjectRoleEnum::EDIT => $tokenRoleAuthorization === StoredObjectRoleEnum::EDIT }; } }