public function vote(AbstractUser $user, array $requestedRoles) { $result = self::ACCESS_ABSTAIN; $userRoles = $user->getRoles(); foreach ($requestedRoles as $role) { if (!$this->supportsRole($role)) { continue; } $result = self::ACCESS_DENIED; foreach ($userRoles as $ur) { /** * @var $ur Role */ if ($role->getRole() === $ur->getRole()) { return self::ACCESS_GRANTED; } } } return $result; }
public function testVoteAccessDenied() { $user = new UserMock(); $user->populate("test", "test", [new Role('ROLE_MOCK')], true); $voter = new RoleVoter(); $this->assertSame(RoleVoter::ACCESS_DENIED, $voter->vote($user, [new Role('ROLE_ADMIN')])); }