/** * Perform a single access check operation on a given attribute, object and (optionally) user * It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass * $user can be one of the following: * a UserInterface object (fully authenticated user) * a string (anonymously authenticated user) * * @param string $attribute * @param Article $object * @param UserInterface|string $user * * @return bool */ protected function isGranted($attribute, $object, $user = null) { if ($object->getStateEnd() != Article::STATUS_SENT) { return false; } /** @var Reviewer $reviewer */ foreach ($object->getReviewers() as $reviewer) { if ($reviewer->getUser() == $user) { $reviews = $object->getArticleReviews()->last()->getReviewComments(); /** @var ReviewComments $review */ foreach ($reviews as $review) { if ($review->getReviewer()->getUser() == $user) { return false; } } return true; } } return false; }
/** * Perform a single access check operation on a given attribute, object and (optionally) user * It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass * $user can be one of the following: * a UserInterface object (fully authenticated user) * a string (anonymously authenticated user) * * @param string $attribute * @param Article $object * @param UserInterface|string $user * * @return bool */ protected function isGranted($attribute, $object, $user = null) { switch ($attribute) { case 'UPLOAD_NEW_ARTICLE_REVIEW': // TODO: check deadtime if (Article::STATUS_ACCEPTED_SUGGESTIONS == $object->getStateEnd()) { return true; } if (Article::STATUS_ACCEPTED_SUGGESTIONS == $object->getArticleReviews()->last()->getState()) { return true; } break; case 'OWNER': if ($user instanceof UserInterface && $user->getUsername() === $object->getUser()->getUsername()) { return true; } break; } return false; }
/** * Perform a single access check operation on a given attribute, object and (optionally) user * It is safe to assume that $attribute and $object's class pass supportsAttribute/supportsClass * $user can be one of the following: * a UserInterface object (fully authenticated user) * a string (anonymously authenticated user) * * @param string $attribute * @param Article $object * @param UserInterface|string $user * * @return bool */ protected function isGranted($attribute, $object, $user = null) { if ($object->getStateEnd() != Article::STATUS_SENT) { return true; } }