/**
* This function gets the current user object and needs to validate its access against the required roles.
* The function must either return ACCESS_GRANTED, ACCESS_ABSTAIN or ACCESS_DENIED.
*
* @param AbstractUser $user Current user instance.
* @param array $requestedRoles An array of requested roles for the current access map.
*
* @return integer ACCESS_GRANTED, ACCESS_ABSTAIN or ACCESS_DENIED.
*/
public function vote(AbstractUser $user, array $requestedRoles)
{
$result = self::ACCESS_ABSTAIN;
$userRoles = $user->getRoles();
foreach ($requestedRoles as $role) {
if (!$this->supportsRole($role)) {
continue;
}
$result = self::ACCESS_DENIED;
foreach ($userRoles as $ur) {
/**
* @var $ur Role
*/
if ($role->getRole() === $ur->getRole()) {
return self::ACCESS_GRANTED;
}
}
}
return $result;
}