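/**
 * Perform a single access check operation on a given attribute, object and (optionally) user.
 *
 * It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass.
 * $user can be one of the following:
 *     a UserInterface object (fully authenticated user)
 *     a string (anonymously authenticated user)
 *
 * Access is granted only when $user is an object that loosely equals either
 * the user of the inscription the reviewed article belongs to, or the user of
 * one of the article's reviewers. $attribute is not consulted by this check.
 *
 * @param string                    $attribute
 * @param ArticleReview             $object
 * @param UserInterface|string|null $user
 *
 * @return bool true when the user owns the article's inscription or reviews the article
 */
protected function isGranted($attribute, $object, $user = null)
{
    // Fail closed when there is no user object. With the loose comparisons
    // below, a null $user would match an inscription or reviewer whose user is
    // also null, and an anonymous-token string could match a user object that
    // is convertible to the same string.
    if (!is_object($user)) {
        return false;
    }

    $article = $object->getArticle();

    // NOTE(review): == compares two objects property by property; comparing a
    // stable identifier would be stricter - confirm what the user class exposes.
    if ($user == $article->getInscription()->getUser()) {
        return true;
    }

    /** @var Reviewer $reviewer */
    foreach ($article->getReviewers() as $reviewer) {
        if ($reviewer->getUser() == $user) {
            return true;
        }
    }

    return false;
}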
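/**
 * Shows the comments attached to an article review.
 *
 * Only the user of the inscription that the reviewed article belongs to may
 * see the comments; any other caller is redirected to the article list with
 * an alert flash message. A review whose state is 'sent' is also redirected
 * to the article list with an alert instead of being rendered.
 *
 * @Route("/{id}", name="article_review_see")
 * @Template("frontend/ArticleReview/show.html.twig")
 *
 * @param ArticleReview $articleReview review resolved from the {id} route parameter
 *
 * @return array|mixed template variables ('conference', 'comments'), or the
 *                     result of redirectToRoute() when access is refused or
 *                     the review is in state 'sent'
 */
public function commentsAction(ArticleReview $articleReview)
{
    $conference = $this->getConference();
    $user = $this->getUser();
    $owner = $articleReview->getArticle()->getInscription()->getUser();

    // Fail closed when there is no user object: with the loose comparison a
    // missing user would otherwise equal an inscription that has no user.
    // NOTE(review): only the inscription owner passes this check; reviewers
    // assigned to the article are not admitted - confirm that is intended.
    if (!is_object($user) || $user != $owner) {
        $this->addFlash('alert', $this->get('translator')->trans('You can not see other comments'));

        return $this->redirectToRoute('article_list');
    }

    // Check the state before querying, so a review that will be redirected
    // anyway never triggers the comment lookup.
    if ($articleReview->getState() == 'sent') {
        $this->addFlash('alert', $this->get('translator')->trans('There are not any comments'));

        return $this->redirectToRoute('article_list');
    }

    $comments = $this->getDoctrine()
        ->getRepository('AppBundle:ReviewComments')
        ->findBy(['articleReview' => $articleReview]);

    return ['conference' => $conference, 'comments' => $comments];
}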