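/**
 * Decides whether $user may edit $tender.
 *
 * Ownership is derived through the tender's bid: the tender is editable only
 * by the economic user returned by that bid's getEconomicUser().
 *
 * @param Tender       $tender Tender the edit is requested for.
 * @param EconomicUser $user   User asking to edit it.
 *
 * @return bool True only when $user is the economic user of the tender's bid.
 */
private function canEdit(Tender $tender, EconomicUser $user)
{
    $bid = $tender->getBid();

    // Fail closed: if the tender has no bid there is no owner to compare
    // against, and calling getEconomicUser() on null would be a fatal error
    // in the middle of an authorization decision.
    if (null === $bid) {
        return false;
    }

    // Identity comparison: this matches only when both sides are the very
    // same object instance.
    // NOTE(review): presumably the authenticated user and the bid's user are
    // loaded through the same Doctrine entity manager; confirm, otherwise
    // compare their identifiers instead.
    return $user === $bid->getEconomicUser();
}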
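/**
 * Shows and processes the "new tender" form for one bid.
 *
 * Loads the bid by id (404 when it does not exist), attaches a new Tender to
 * it and, on a valid submission, stores the tender together with an audit
 * record before redirecting. Otherwise the form is rendered.
 *
 * NOTE(review): access is restricted by role only. Nothing in this action
 * checks that the bid belongs to the current user, so any account holding
 * ROLE_ECONOMIC can add a tender to any bid id, while the tender edit check
 * (canEdit) treats the bid's economic user as the owner. Confirm this is
 * intended; if not, deny access when the bid's economic user is not the
 * current user.
 *
 * @Route("/bid/{id}/tender/new", name="user_tender_new")
 * @Template()
 * @Security("has_role('ROLE_ECONOMIC')")
 *
 * @param Request $request Current HTTP request (carries the form submission).
 * @param mixed   $id      Bid identifier taken from the route.
 *
 * @return Response Redirect after a successful save, else the rendered form.
 */
public function tenderNewAction(Request $request, $id)
{
    $em = $this->getDoctrine()->getManager();

    $bid = $em->getRepository('AppBundle:Bid')->findOneBy(['id' => $id]);
    if (!$bid) {
        throw $this->createNotFoundException('No record found for bid with id ' . $id);
    }

    // The bid is bound server-side from the route parameter.
    // NOTE(review): confirm TenderType does not expose the bid field, or a
    // submitted value could replace the bid set here.
    $tender = new Tender();
    $tender->setBid($bid);

    $form = $this->createForm(TenderType::class, $tender);
    $form->handleRequest($request);

    if ($form->isSubmitted() && $form->isValid()) {
        $data = $form->getData();
        $user = $this->get('security.token_storage')->getToken()->getUser();

        // Audit entry describing who created the tender and for which contract.
        $audit = new Audit();
        $audit->setUsername($user->getUsername());
        $audit->setName($user->getFirstname() . " " . $user->getLastname());
        $audit->setFunctionType("Economic");
        $audit->setEventType("New tender");
        $audit->setDossier($data->getBid()->getContract());

        // Queue both entities and flush once, so the tender and its audit
        // entry are written by the same flush instead of two separate ones;
        // a failure can then no longer leave a stored tender without its
        // audit record.
        $em->persist($data);
        $em->persist($audit);
        $em->flush();

        // NOTE(review): the redirect passes the bid id to user_view_tender;
        // confirm that route expects a bid id and not the new tender's id.
        return $this->redirect($this->generateUrl('user_view_tender', ['id' => $id]));
    }

    $content = $this->container->get('templating')->render(
        'AppBundle:User:new_tender.html.twig',
        ['form' => $form->createView()]
    );

    return new Response($content);
}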