/** * @EXT\Route( * "/{event}/update", * name="claro_workspace_agenda_update" * ) * @EXT\Method("POST") * @EXT\Template("ClarolineAgendaBundle:Agenda:updateEventModalForm.html.twig") * * @return \Symfony\Component\HttpFoundation\Response */ public function updateAction(Event $event) { $this->agendaManager->checkEditAccess($event->getWorkspace()); $formType = $this->get('claroline.form.agenda'); $form = $this->createForm($formType, $event); $form->handleRequest($this->request); if ($form->isValid()) { $users = $form->get('users')->getData(); $event = $this->agendaManager->updateEvent($event, $users); return new JsonResponse($event, 200); } return array('form' => $form->createView(), 'action' => $this->router->generate('claro_workspace_agenda_update', array('event' => $event->getId())), 'event' => $event); }
private function checkPermission(Event $event) { if ($event->isEditable() === false) { throw new AccessDeniedException('You cannot edit this event'); } if ($event->getWorkspace()) { if (!$this->authorization->isGranted(array('agenda_', 'edit'), $event->getWorkspace())) { throw new AccessDeniedException('You cannot edit the agenda'); } return; } if ($this->tokenStorage->getToken()->getUser() != $event->getUser()) { throw new AccessDeniedException('You cannot edit the agenda'); } }