/**
 * {@inheritdoc}
 *
 * Adds two denial rules ahead of the parent's permission check. Judging by
 * the exception messages, this guards a delete operation on a user entity:
 *  - the entity's id equals the id of the logged-in user ('self delete');
 *  - the security facade reports shared records for the entity
 *    ('user has shared records').
 *
 * Both rules run before parent::checkPermissions(), so they deny the
 * operation regardless of what the parent check would have allowed.
 *
 * @throws ForbiddenException when either rule above matches
 */
protected function checkPermissions($entity, ObjectManager $em)
{
    $currentUserId = $this->securityFacade->getLoggedUserId();

    // With no logged-in user id (falsy value) the self-delete rule is skipped
    // and the decision is left to the checks below.
    //
    // The comparison is intentionally loose: the types of the two ids are not
    // visible here (int vs. numeric string is plausible), and a strict check
    // that missed a real match would silently disable this guard. Normalize
    // both sides to one type before switching to ===.
    $isSelfDelete = $currentUserId && $currentUserId == $entity->getId();
    if ($isSelfDelete) {
        throw new ForbiddenException('self delete');
    }

    // NOTE(review): confirm the facade evaluates the $entity passed here and
    // not the user behind the current security token; otherwise this rule
    // would be checking the wrong account.
    $ownsSharedRecords = $this->securityFacade->hasUserSidSharedRecords($entity);
    if ($ownsSharedRecords) {
        throw new ForbiddenException('user has shared records');
    }

    parent::checkPermissions($entity, $em);
}
/**
 * The facade must report shared records when the share provider does.
 *
 * The user is supplied through the mocked security token; the facade is
 * called without an argument.
 *
 * NOTE(review): only the positive path is exercised, and the provider mock
 * has no with() constraint, so this test does not pin which identity the
 * facade hands to the provider. A case for an explicitly passed user and a
 * negative (false) case would cover the permission check that relies on it.
 */
public function testHasUserSidSharedRecords()
{
    $tokenMock = $this
        ->getMockBuilder('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface')
        ->disableOriginalConstructor()
        ->getMock();

    $userMock = $this
        ->getMockBuilder('Symfony\\Component\\Security\\Core\\User\\UserInterface')
        ->disableOriginalConstructor()
        ->getMock();

    // Token -> user: the token must be asked for its user exactly once.
    $tokenMock
        ->expects($this->once())
        ->method('getUser')
        ->willReturn($userMock);

    // Security context -> token: fetched exactly once.
    $this->securityContext
        ->expects($this->once())
        ->method('getToken')
        ->willReturn($tokenMock);

    // The provider is the source of truth; it answers "true" here.
    $this->shareProvider
        ->expects($this->once())
        ->method('hasUserSidSharedRecords')
        ->willReturn(true);

    $result = $this->facade->hasUserSidSharedRecords();

    $this->assertTrue($result);
}