Aşağıdaki örnek ile kimliği doğrulanmış veya login olmuş kullanıcının gerekli rol/erişim haklarına sahip olup olmadığını kontrol edebilirsiniz.


Örnek


Bu sadece bir örnektir; bu nedenle controller yerine bir event listener da kullanabilirsiniz.


namespace Application\ServerBundle\Controller;

use Application\ServerBundle\Entity\User;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

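/**
 * Example API controller, registered as a service, that checks the role of
 * the current user through the injected authorization checker.
 *
 * @Route("api", service="application_server.controller.api")
 */
class ApiController extends Controller
{
    /**
     * Authorization checker handed in by the service container.
     *
     * @var AuthorizationCheckerInterface
     */
    private $authorization;

    /**
     * @param AuthorizationCheckerInterface $authorization Checker used to test the roles of the current user.
     */
    public function __construct(
        AuthorizationCheckerInterface $authorization
    ) {
        $this->authorization = $authorization;
    }

    /**
     * Reports whether the current user holds ROLE_ADMIN.
     *
     * @param Request $request
     *
     * @Method({"POST"})
     * @Route("")
     *
     * @return Response Body is 'Good' when ROLE_ADMIN is granted, 'Bad' otherwise.
     */
    public function indexAction(Request $request)
    {
        // Start from the denied state so that only an explicit grant flips it.
        $auth = 'Bad';
        if ($this->authorization->isGranted('ROLE_ADMIN')) {
            $auth = 'Good';
        }

        // ... the rest of the action goes here ...
        //
        // NOTE: anything placed here runs for every caller, whether or not the
        // role was granted, and the 'Bad' result is still sent as an ordinary
        // response. When the action is privileged, stop before this point if
        // the check fails, e.g. by throwing the imported AccessDeniedException.

        return new Response($auth);
    }
}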

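# Registers the controller as a service so the authorization checker is
# injected through its constructor.
services:
    application_server.controller.api:
        class: Application\ServerBundle\Controller\ApiController
        arguments:
            # Quote service references: "@" is a reserved YAML indicator and
            # newer Symfony YAML parsers reject it at the start of a plain scalar.
            - '@security.authorization_checker'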