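/**
 * A user who is neither the comment's author nor an administrator must be
 * refused, and the comment must be left unmodified.
 */
public function it_shouldnt_edit_comment(EditorialComment $comment, User $user, User $newUser)
{
    // Give the author a concrete id that differs from the requester's, so the
    // denial is decided by two real ids rather than by an unstubbed getId().
    $user->getId()->willReturn(1);
    $comment->getUser()->willReturn($user);

    // A refused edit must never reach the setter; stubbing it with a return
    // value would let a regression that mutates before the check go unnoticed.
    $comment->setComment(Argument::any())->shouldNotBeCalled();

    // The requester: a different, non-admin account.
    $newUser->getId()->willReturn(5);
    $newUser->isAdmin()->willReturn(false);

    $this->shouldThrow('Symfony\\Component\\HttpKernel\\Exception\\AccessDeniedHttpException')
        ->during('edit', array('updated comment', $comment, $newUser));
}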
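/**
 * Edit the message of an existing editorial comment.
 *
 * Only the comment's author or an administrator may edit it. Authorship is
 * decided by comparing ids strictly: two missing (null) ids never match, and
 * ids are compared as strings so PHP's loose-comparison type juggling cannot
 * make two different ids look equal.
 *
 * @param string           $commentContent New comment text
 * @param EditorialComment $comment        Comment to update
 * @param User             $user           User requesting the edit
 *
 * @return bool True once the change has been applied and flushed
 *
 * @throws AccessDeniedHttpException When $user is neither the author nor an admin
 */
public function edit($commentContent, EditorialComment $comment, User $user)
{
    $author = $comment->getUser();

    // A comment without an author has no owner; only an admin may touch it.
    $authorId = $author !== null ? $author->getId() : null;
    $requesterId = $user->getId();

    // `null == null` is true under loose comparison, which would treat any
    // id-less user as the owner of any id-less author's comment. Require both
    // ids to be present and identical.
    $isAuthor = $authorId !== null
        && $requesterId !== null
        && (string) $authorId === (string) $requesterId;

    // Ownership is checked first and isAdmin() only when it fails, matching the
    // original short-circuit order.
    if (!$isAuthor && !$user->isAdmin()) {
        throw new AccessDeniedHttpException("User is not allowed to edit someone else comment");
    }

    $comment->setComment($commentContent);
    $this->em->flush();

    return true;
}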