/** * Listener for comments' votes persistence to avoid voting for own comments * and multiple voting for comments * * @param VotePersistEvent $event * @return void */ public function avoidIncorrectVoting(VotePersistEvent $event) { try { if (!$this->context->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED)) { throw new \Exception('Avoid voting if user is not authenticated'); } /** @var $vote SignedVoteInterface */ $vote = $event->getVote(); /** @var $user User */ $user = $this->context->getToken()->getUser(); if ($vote->getVoter() !== $user) { throw new \Exception('Attempt to vote for different user'); } if ($vote->getComment()->getAuthor() === $user) { throw new \Exception('Attempt to vote for own comment'); } $existingVote = $this->voteManager->findVoteBy(array('comment' => $vote->getComment(), 'voter' => $user)); if ($existingVote) { throw new \Exception('Attempt to vote multiple times for same comment'); } } catch (\Exception $e) { $event->abortPersistence(); $event->stopPropagation(); } }
/** * {@inheritDoc} */ public function findVoteBy(array $criteria) { $vote = $this->realManager->findVoteBy($criteria); if (!$this->voteAcl->canView($vote)) { throw new AccessDeniedException(); } return $vote; }