/**
 * Decide whether the given user may edit the given article.
 *
 * Only the article's own user is allowed. The check is an object identity
 * comparison (===): it passes only when $user is the very same instance
 * that $article->getUser() returns. Any other object is denied, and so is
 * an article whose getUser() returns null.
 *
 * NOTE(review): identity comparison fails closed, but it also denies the
 * legitimate owner if the caller holds a different instance of the same
 * account. Confirm that callers always pass the instance attached to the
 * article.
 *
 * @param Article $article article whose edit permission is being checked
 * @param User    $user    user requesting the edit
 *
 * @return bool true when $user is the article's user, false otherwise
 */
private function canEdit(Article $article, User $user)
{
    return $user === $article->getUser();
}
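/**
 * Perform a single access check operation on a given attribute, object and (optionally) user.
 *
 * It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass.
 * $user can be one of the following:
 *   - a UserInterface object (fully authenticated user)
 *   - a string (anonymously authenticated user)
 *
 * Supported attributes:
 *   - 'UPLOAD_NEW_ARTICLE_REVIEW': granted when the article's end state, or the state of its
 *     last review, equals Article::STATUS_ACCEPTED_SUGGESTIONS.
 *   - 'OWNER': granted when $user is a UserInterface whose username is identical to the
 *     username of the article's user.
 *
 * Every other attribute, and every failed check, is denied.
 *
 * @param string               $attribute
 * @param Article              $object
 * @param UserInterface|string $user
 *
 * @return bool
 */
protected function isGranted($attribute, $object, $user = null)
{
    switch ($attribute) {
        case 'UPLOAD_NEW_ARTICLE_REVIEW':
            // TODO: check deadtime
            // NOTE(review): this branch never inspects $user, so the decision depends on the
            // article state alone (an anonymous string user passes too). Confirm that callers
            // pair it with an ownership check such as 'OWNER'.
            // NOTE(review): the state checks use loose ==. If STATUS_ACCEPTED_SUGGESTIONS is 0
            // or another falsy value, a null/unset state would compare equal and grant access.
            // Kept as-is because the stored type is not visible here; prefer === once confirmed.
            if (Article::STATUS_ACCEPTED_SUGGESTIONS == $object->getStateEnd()) {
                return true;
            }

            // An article without reviews must be denied, not crash: presumably
            // getArticleReviews() is a Doctrine-style collection whose last() returns false
            // when empty (confirm), and calling getState() on that is a fatal error.
            $lastReview = $object->getArticleReviews()->last();
            if (is_object($lastReview) && Article::STATUS_ACCEPTED_SUGGESTIONS == $lastReview->getState()) {
                return true;
            }
            break;

        case 'OWNER':
            // Anonymous users arrive as a string and can never own an article.
            if ($user instanceof UserInterface) {
                // Deny instead of failing when the article has no user attached.
                $owner = $object->getUser();
                if (null !== $owner && $user->getUsername() === $owner->getUsername()) {
                    return true;
                }
            }
            break;
    }

    // Fail closed: unknown attributes and unmet conditions are denied.
    return false;
}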