/**
* @Route("/comments/{id}", requirements={"id" = "\d+"}, options={"expose" = true})
* @Method("DELETE")
*/
public function removeAction(Comment $comment)
{
if ($comment->getAuthor() != $this->getUser() && !$this->isGranted('ROLE_ADMIN')) {
return new JsonResponse(array('KO'), Response::HTTP_FORBIDDEN);
}
$em = $this->getDoctrine()->getManager();
$em->remove($comment);
$em->flush();
return new JsonResponse(array('OK'));
}
private function canEdit(Comment $comment, User $user)
{
return $comment->getAuthor() == $user;
}
/**
* {@inheritDoc}
*/
public function getAuthor()
{
$this->__initializer__ && $this->__initializer__->__invoke($this, 'getAuthor', array());
return parent::getAuthor();
}
private function canEdit(Comment $post, Author $user)
{
// this assumes that the data object has a getOwner() method
// to get the entity of the user who owns this data object
return $user === $post->getAuthor();
}
