public function newPostAction() { if (!$this->isGranted('CREATE', new AdminPost())) { throw new AccessDeniedException(); } return $this->createForm(new AdminPostType(), null, ['csrf_protection' => false]); }