/**
 * Decide whether $user may edit $comment.
 *
 * A comment written by an administrator can only be edited by an
 * administrator; this guard runs first, so being the post author does not
 * override it. Otherwise editing is allowed for the comment's author, for
 * any administrator, and for the author of the post the comment belongs to.
 *
 * @param Comment $comment The comment being edited.
 * @param User    $user    The user requesting the edit.
 *
 * @return bool True when the edit is allowed.
 */
private function canEdit(Comment $comment, User $user)
{
    // NOTE(review): assumes every comment has an author; a null getUser()
    // would fail on the next call - confirm against the entity mapping.
    $author = $comment->getUser();

    // Deny early: a non-admin never edits an admin's comment.
    if ($author->getIsAdmin() && !$user->getIsAdmin()) {
        return false;
    }

    if ($user === $author || $user->getIsAdmin()) {
        return true;
    }

    // Last resort: the author of the post may edit comments under it.
    return $user === $comment->getPost()->getAuthor();
}
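/**
 * Decide whether $user may edit $comment.
 *
 * The owner of the article may edit a comment on it unless the comment was
 * written by a user holding ROLE_ADMIN. The comment's author may always edit
 * their own comment.
 *
 * @param Comment $comment The comment being edited.
 * @param User    $user    The user requesting the edit.
 *
 * @return bool True when the edit is allowed.
 */
private function canEdit(Comment $comment, User $user)
{
    $ownsArticle = $user === $comment->getArticle()->getUser();

    // Strict comparison: with loose matching a non-string entry in the role
    // list (0 on PHP before 8, or true) compares equal to 'ROLE_ADMIN'.
    // Assumes getRoles() returns role names as strings - confirm.
    // NOTE(review): only the roles returned by getRoles() are inspected;
    // roles granted through a role hierarchy are not considered - confirm
    // that is intended.
    if ($ownsArticle && !in_array('ROLE_ADMIN', $comment->getUser()->getRoles(), true)) {
        return true;
    }

    // The author of the comment can always edit it.
    return $user === $comment->getUser();
}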
/**
 * Decide whether $user may edit $comment.
 *
 * Editing is granted on either of two paths:
 *  - the token is granted ROLE_MANAGER, the comment has no author or its
 *    author does not pass the ROLE_ADMIN hierarchy check, and $user owns
 *    the post the comment belongs to;
 *  - $user is the author of the comment.
 *
 * @param Comment        $comment The comment being edited.
 * @param UserInterface  $user    The user requesting the edit.
 * @param TokenInterface $token   Security token passed to the decision manager.
 *
 * @return bool True when the edit is allowed.
 */
private function canEdit(Comment $comment, UserInterface $user, TokenInterface $token)
{
    // NOTE(review): post ownership is compared with loose == while comment
    // authorship below uses ===; for objects == compares class and property
    // values rather than identity - confirm the difference is intended.
    $managerMayEdit = $this->decisionManager->decide($token, ['ROLE_MANAGER'])
        && !($comment->getUser() && $this->roleHierarchyChecker->check($comment->getUser(), 'ROLE_ADMIN'))
        && $comment->getPost()->getOwner() == $user;

    return $managerMayEdit || $comment->getUser() === $user;
}
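/**
 * Tell whether the author of $comment holds ROLE_ADMIN.
 *
 * @param Comment $comment The comment whose author is inspected.
 *
 * @return bool True when 'ROLE_ADMIN' is among the author's roles.
 */
protected function isAdmin(Comment $comment)
{
    // Strict comparison: with loose matching a non-string entry in the role
    // list (0 on PHP before 8, or true) compares equal to 'ROLE_ADMIN'.
    // Assumes getRoles() returns role names as strings - confirm.
    // NOTE(review): only the roles returned by getRoles() are inspected;
    // roles granted through a role hierarchy are not considered - confirm
    // that is intended.
    return in_array('ROLE_ADMIN', $comment->getUser()->getRoles(), true);
}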