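/**
 * If this action is protected by security roles, make sure that the
 * current user possesses at least one of them.
 *
 * Returns true when the mapping declares no roles, or when the security
 * service grants at least one of the declared roles. This method never
 * returns false: when roles are required and none is granted it throws,
 * so processing terminates through the exception, not the return value.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request The kernel request we are
 *  processing
 * @param \Symfony\Component\HttpFoundation\Response $response The kernel response we are
 *  creating
 * @param \Phruts\Action\ActionMapping $mapping The mapping we are using
 * @return bool True when processing may continue
 * @throws AccessDeniedHttpException When the mapping requires roles and none
 *  of them is granted to the current user
 */
protected function processRoles(\Symfony\Component\HttpFoundation\Request $request, \Symfony\Component\HttpFoundation\Response $response, \Phruts\Action\ActionMapping $mapping)
{
    // Is this action protected by role requirements?
    $roles = $mapping->getRoleNames();
    if (empty($roles)) {
        return true;
    }

    // NOTE(review): $app is neither a parameter nor assigned anywhere in this
    // method, so !empty($app['security']) is always false and the role loop
    // below never runs. Every role-protected mapping therefore ends in the
    // AccessDeniedHttpException at the bottom. That fails closed, but it makes
    // role-protected actions unreachable. $app must be bound to the
    // application container before this check; the accessor for it is not
    // visible in this method. Keep the deny-by-default fall-through when
    // wiring it up.
    if (!empty($app['security'])) {
        $security = $app['security'];

        // Check the current user against the list of required roles
        foreach ($roles as $role) {
            if (!$security->isGranted($role)) {
                continue;
            }

            if (!empty($this->log)) {
                // Start from an empty name so the message is well-defined when
                // no token is present (previously $user was read while unset).
                $user = '';
                $token = $security->getToken();
                if (null !== $token) {
                    // presumably string-convertible (user name or user object
                    // with __toString) - confirm against the token types in use
                    $user = $token->getUser();
                }
                $this->log->debug(' User "' . $user . '" has role "' . $role . '", granting access');
            }

            return true;
        }
    }

    // The current user is not authorized for this action
    if (!empty($this->log)) {
        $this->log->debug(' User does not have any required role, denying access');
    }

    throw new AccessDeniedHttpException($this->getInternal()->getMessage(null, 'notAuthorized', $mapping->getPath()));
}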