/**
* Updates the given user to the given role
*
* @Route("/users/{id}/role/{role}")
* @Method({"PUT","POST"})
* @Security("has_role('ROLE_SUPER_ADMIN')")
* @ApiDoc(
* requirements={
* {"name"="id", "description"="The ID of the user to update", "dataType"="integer", "requirement"="\d+"},
* {"name"="role", "description"="The new role for the user", "dataType"="role", "requirement"="ROLE_USER|ROLE_ADMIN|ROLE_SUPER_ADMIN"}
* },
* tags={
* "Super Admin" = "#ff1919"
* }
* )
*/
public function setUserRole(User $user, $role)
{
if ($user->getId() === $this->getUser()->getId()) {
throw new AccessDeniedHttpException("You may not set roles on yourself.");
}
if (in_array($role, ["ROLE_USER", "ROLE_ADMIN", "ROLE_SUPER_ADMIN"])) {
$user->setRoles([$role]);
}
$this->_em->flush();
return new JsonResponse($user);
}
