Authorization in a controller

# Example of using wrapper #

public function hello($name)
{
// The second parameter is used to specify on what object the role is tested.
$this->denyAccessUnlessGranted('ROLE_ADMIN', null, 'Unable to access this page!');

// ...
}

# Example of using AuthorizationChecker

use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

public function hello($name, AuthorizationCheckerInterface $authChecker)
{
if (false === $authChecker->isGranted('ROLE_ADMIN')) {
throw new AccessDeniedException('Unable to access this page!');
}

// ...
}

# Example of using annotation #

use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;

/**
* @Security("has_role('ROLE_ADMIN')")
*/
public function hello($name)
{
// ...
}

Comments

Symfony General