@@ -94,17 +94,23 @@ edit a particular object. Here's an example implementation:
9494 return false;
9595 }
9696
97- // the data object could have for example a method isPrivate()
98- // which checks the Boolean attribute $private
99- if ($attribute == self::VIEW && !$post->isPrivate()) {
100- return true;
101- }
102-
103- // we assume that our data object has a method getOwner() to
104- // get the current owner user entity for this data object
105- if ($attribute == self::EDIT && $user->getId() === $post->getOwner()->getId()) {
106- return true;
107- }
97+ switch($attribute) {
98+ case self::VIEW:
99+ // the data object could have for example a method isPrivate()
100+ // which checks the Boolean attribute $private
101+ if (!$post->isPrivate()) {
102+ return true;
103+ }
104+
105+ break;
106+ case self::EDIT:
107+ // we assume that our data object has a method getOwner() to
108+ // get the current owner user entity for this data object
109+ if ($user->getId() === $post->getOwner()->getId()) {
110+ return true;
111+ }
112+
113+ break;
108114
109115 return false;
110116 }
@@ -195,7 +201,6 @@ from the authorization checker is called.
195201
196202 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
197203 use Symfony\Component\HttpFoundation\Response;
198- use Symfony\Component\Security\Core\Exception\AccessDeniedException;
199204
200205 class PostController extends Controller
201206 {
@@ -204,9 +209,10 @@ from the authorization checker is called.
204209 // get a Post instance
205210 $post = ...;
206211
207- // keep in mind, this will call all registered security voters
208- if (false === $this->get('security.authorization_checker')->isGranted('view', $post)) {
209- throw new AccessDeniedException('Unauthorised access!');
212+ $authChecker = $this->get('security.authorization_checker');
213+
214+ if (false === $authChecker->isGranted('view', $post)) {
215+ throw $this->createAccessDeniedException('Unauthorized access!');
210216 }
211217
212218 return new Response('<h1 >'.$post->getName().'</h1 >');
0 commit comments