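/**
 * Decides whether $user may edit $post, based on the post's workflow state.
 *
 * A draft may be edited only by its author; a post under review only by an
 * administrator. Any other state (including an unknown one) denies editing.
 *
 * @param Post $post
 * @param User $user
 *
 * @return bool
 */
private function isEditGranted(Post $post, User $user): bool
{
    // match compares with === where the original switch used ==, so a state
    // value of a different type than the Post::STATUS_* constants no longer
    // matches by accident. Assumes getState() and the constants share a type
    // (presumably strings) — confirm against Post.
    return match ($post->getState()) {
        Post::STATUS_DRAFT => $post->isAuthor($user),
        Post::STATUS_REVIEW => $user->isAdmin(),
        default => false,
    };
}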
/**
 * Displays a form to edit an existing Post entity.
 *
 * Only the post's author may reach the form, and only while the post is
 * still a draft; any other state redirects to the post index. A submitted
 * request carrying a "publish" field moves the post into the voting state.
 *
 * @Route("/{id}/edit", requirements={"id" = "\d+"}, name="admin_post_edit")
 * @Method({"GET", "POST"})
 * @Security("has_role('ROLE_USER')")
 */
public function editAction(Post $post, Request $request)
{
    $currentUser = $this->getUser();

    // Authorization: no user, or a user who did not write this post, is denied.
    if ($currentUser === null || !$post->isAuthor($currentUser)) {
        throw $this->createAccessDeniedException('Posts can only be edited by their authors.');
    }

    // Editing is limited to drafts; everything else goes back to the listing.
    if (Post::STATUS_DRAFT !== $post->getState()) {
        return $this->redirectToRoute('admin_post_index');
    }

    $entityManager = $this->getDoctrine()->getManager();
    $form = $this->createForm(new PostType(), $post);
    $deleteForm = $this->createDeleteForm($post);

    $form->handleRequest($request);

    if (!$form->isSubmitted() || !$form->isValid()) {
        return $this->render('admin/blog/edit.html.twig', [
            'post' => $post,
            'edit_form' => $form->createView(),
            'delete_form' => $deleteForm->createView(),
        ]);
    }

    // The slug is regenerated from the (possibly edited) title on every save.
    $post->setSlug($this->get('slugger')->slugify($post->getTitle()));

    // "publish" is read from the raw request body, not from the form itself.
    if ($request->request->has('publish')) {
        $post->setState(Post::STATUS_VOTING);
    }

    $entityManager->flush();

    return $this->redirectToRoute('admin_post_edit', ['id' => $post->getId()]);
}