amenophis/ControllerAnnotationListener.php

## ControllerAnnotationListener.php
<?php

namespace TataJerem\Bundle\DemoBundle\EventListener;

use Doctrine\Common\Annotations\Reader;
use Doctrine\Common\Util\ClassUtils;
use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\SecurityContext;
use TataJerem\Bundle\DemoBundle\Annotation\Permissions;

class ControllerAnnotationListener
{
    /** @var Reader */
    private $reader;

    /** @var SecurityContext */
    private $context;

    public function __construct(Reader $reader, SecurityContext $context)
    {
        $this->reader = $reader;
        $this->context = $context;
    }

    public function onKernelController(FilterControllerEvent $event)
    {
        if (!is_array($controller = $event->getController())) {
            return;
        }

        $method = new \ReflectionMethod(ClassUtils::getClass($controller[0]), $controller[1]);

        if (!$annotations = $this->reader->getMethodAnnotations($method)) {
            return;
        }

        foreach ($annotations as $annotation) {
            if ($annotation instanceof Permissions) {
                if (!$this->context->isGranted($annotation->permissions)) {
                    throw new AccessDeniedException('Please log in !');
                }
            }
        }
    }
}

## PermissionsAnnotation.php
<?php
namespace TataJerem\Bundle\DemoBundle\Annotation;

/**
 * @Annotation
 */
class PermissionsAnnotation
{
    public $permissions = array();
}

## RoutingDemoController.php
<?php
namespace TataJerem\Bundle\DemoBundle\Controller;

use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;

/**
 * @Route("/demo")
 */
class RoutingDemoController
{
    /**
     *
     * @Route("/users", name="demo_users")
     */
    public function demoAction()
    {
        // ...
    }
}

## RoutingDemoController2.php
<?php
namespace TataJerem\Bundle\DemoBundle\Controller;

use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use TataJerem\Bundle\DemoBundle\Annotation as TJ;

/**
 * @Route("/demo")
 */
class RoutingDemoController
{
    /**
     * @Route("/users", name="demo_users")
     * @TJ\Permissions({"ROLE_DEMO1", "ROLE_DEMO2"})
     */
    public function demoAction()
    {
        // ...
    }
}

## services.xml
<?xml version="1.0" ?>

<container xmlns="http://symfony.com/schema/dic/services"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

    <parameters>
        <parameter key="tata_jerem_demo.listener.controller_annotation.class">TataJerem\Bundle\DemoBundle\EventListener\ControllerAnnotationListener</parameter>
    </parameters>

    <services>
        <service id="tata_jerem_demo.listener.controller_annotation" class="%tata_jerem_demo.listener.controller_annotation.class%">
            <argument type="service" id="annotation_reader" />
            <argument type="service" id="security.context" />
            <tag name="kernel.event_listener" event="kernel.controller" method="onKernelController" />
        </service>
    </services>

</container>
	<?php

	namespace TataJerem\Bundle\DemoBundle\EventListener;

	use Doctrine\Common\Annotations\Reader;
	use Doctrine\Common\Util\ClassUtils;
	use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
	use Symfony\Component\Security\Core\Exception\AccessDeniedException;
	use Symfony\Component\Security\Core\SecurityContext;
	use TataJerem\Bundle\DemoBundle\Annotation\Permissions;

	class ControllerAnnotationListener
	{
	/** @var Reader */
	private $reader;

	/** @var SecurityContext */
	private $context;

	public function __construct(Reader $reader, SecurityContext $context)
	{
	$this->reader = $reader;
	$this->context = $context;
	}

	public function onKernelController(FilterControllerEvent $event)
	{
	if (!is_array($controller = $event->getController())) {
	return;
	}

	$method = new \ReflectionMethod(ClassUtils::getClass($controller[0]), $controller[1]);

	if (!$annotations = $this->reader->getMethodAnnotations($method)) {
	return;
	}

	foreach ($annotations as $annotation) {
	if ($annotation instanceof Permissions) {
	if (!$this->context->isGranted($annotation->permissions)) {
	throw new AccessDeniedException('Please log in !');
	}
	}
	}
	}
	}
	<?php
	namespace TataJerem\Bundle\DemoBundle\Annotation;

	/**
	* @Annotation
	*/
	class PermissionsAnnotation
	{
	public $permissions = array();
	}
	<?php
	namespace TataJerem\Bundle\DemoBundle\Controller;

	use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;

	/**
	* @Route("/demo")
	*/
	class RoutingDemoController
	{
	/**
	*
	* @Route("/users", name="demo_users")
	*/
	public function demoAction()
	{
	// ...
	}
	}
	<?xml version="1.0" ?>

	<container xmlns="http://symfony.com/schema/dic/services"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

	<parameters>
	<parameter key="tata_jerem_demo.listener.controller_annotation.class">TataJerem\Bundle\DemoBundle\EventListener\ControllerAnnotationListener</parameter>
	</parameters>

	<services>
	<service id="tata_jerem_demo.listener.controller_annotation" class="%tata_jerem_demo.listener.controller_annotation.class%">
	<argument type="service" id="annotation_reader" />
	<argument type="service" id="security.context" />
	<tag name="kernel.event_listener" event="kernel.controller" method="onKernelController" />
	</service>
	</services>

	</container>