richsage/1_Result.php

## 1_Result.php
<?php

class DefaultController extends Controller
{
    /**
    * Dashboard page.
    * @Permissions(perm="dashboard_view")
    * @Route("/", name="ITEDashboardBundle_index")
    * @Template()
    * @return array
    */
    public function indexAction()
    {.......

## 2_newAnnotation.php
<?php

namespace SomeNameSpace\SomeBundle\Annotations;
/**
* @Annotation
*/
class Permissions
{
    public $perm;
}

## 3_AnnotationDriver.php
<?php

namespace SomeNamespace\SomeBundle\Annotations\Driver;

use Doctrine\Common\Annotations\Reader;//This thing read annotations
use Symfony\Component\HttpKernel\Event\FilterControllerEvent;//Use essential kernel component
use SomeNamespace\SomeBundle\Annotations;//Use our annotation
use SomeNamespace\SomeBundle\Security\Permission;//In this class I check correspondence permission to user
use Symfony\Component\HttpFoundation\Response;// For example I will throw 403, if access denied

use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

class AnnotationDriver{

    private $reader;

    public function __construct($reader)
    {
        $this->reader = $reader;//get annotations reader
    }
    /**
    * This event will fire during any controller call
    */
    public function onKernelController(FilterControllerEvent $event)
    {

        if (!is_array($controller = $event->getController())) { //return if no controller
            return;
        }

        $object = new \ReflectionObject($controller[0]);// get controller
        $method = $object->getMethod($controller[1]);// get method

        foreach ($this->reader->getMethodAnnotations($method) as $configuration) { //Start of annotations reading
            if(isset($configuration->perm)){//Found our annotation
                $perm = new Permission($controller[0]->get('doctrine.odm.mongodb.document_manager'));
                $userName = $controller[0]->get('security.context')->getToken()->getUser()->getUserName();
                if(!$perm->isAccess($userName,$configuration->perm)){
                           //if any throw 403
                           throw new AccessDeniedHttpException();

                }

             }
         }
    }
}

## 4_serviceDeclaration.yml
# SomeBundle\config\services.yml
services:
    some_annotation_driver:
        class: SomeNamespace\SomeBundle\Annotations\Driver\AnnotationDriver #Point class
        tags: [{name: kernel.event_listener, event: kernel.controller, method: onKernelController}]          #Point event
        arguments: [@annotation_reader] # Pass annotation_reader into constructor of our service

## 5_Usage.php
namespace SomeNamespace\SomeBundle\Controller;

use SomeNamespace\SomeBundle\Annotations\Permissions;

<?php

/**
* Dashboard controller.
*
* @Route("/dashboard")
*/
class DefaultController extends Controller
{

    /**
    * Dashboard page.
    * @Permissions(perm="dashboard_view")
    * @Route("/", name="ITEDashboardBundle_index")
    * @Template()
    * @return array
    */
    public function indexAction()
    {...}
}
	<?php

	class DefaultController extends Controller
	{
	/**
	* Dashboard page.
	* @Permissions(perm="dashboard_view")
	* @Route("/", name="ITEDashboardBundle_index")
	* @Template()
	* @return array
	*/
	public function indexAction()
	{.......
	<?php

	namespace SomeNameSpace\SomeBundle\Annotations;
	/**
	* @Annotation
	*/
	class Permissions
	{
	public $perm;
	}
	<?php

	namespace SomeNamespace\SomeBundle\Annotations\Driver;

	use Doctrine\Common\Annotations\Reader;//This thing read annotations
	use Symfony\Component\HttpKernel\Event\FilterControllerEvent;//Use essential kernel component
	use SomeNamespace\SomeBundle\Annotations;//Use our annotation
	use SomeNamespace\SomeBundle\Security\Permission;//In this class I check correspondence permission to user
	use Symfony\Component\HttpFoundation\Response;// For example I will throw 403, if access denied

	use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

	class AnnotationDriver{

	private $reader;

	public function __construct($reader)
	{
	$this->reader = $reader;//get annotations reader
	}
	/**
	* This event will fire during any controller call
	*/
	public function onKernelController(FilterControllerEvent $event)
	{

	if (!is_array($controller = $event->getController())) { //return if no controller
	return;
	}

	$object = new \ReflectionObject($controller[0]);// get controller
	$method = $object->getMethod($controller[1]);// get method

	foreach ($this->reader->getMethodAnnotations($method) as $configuration) { //Start of annotations reading
	if(isset($configuration->perm)){//Found our annotation
	$perm = new Permission($controller[0]->get('doctrine.odm.mongodb.document_manager'));
	$userName = $controller[0]->get('security.context')->getToken()->getUser()->getUserName();
	if(!$perm->isAccess($userName,$configuration->perm)){
	//if any throw 403
	throw new AccessDeniedHttpException();

	}

	}
	}
	}
	}
	# SomeBundle\config\services.yml
	services:
	some_annotation_driver:
	class: SomeNamespace\SomeBundle\Annotations\Driver\AnnotationDriver #Point class
	tags: [{name: kernel.event_listener, event: kernel.controller, method: onKernelController}] #Point event
	arguments: [@annotation_reader] # Pass annotation_reader into constructor of our service
	namespace SomeNamespace\SomeBundle\Controller;

	use SomeNamespace\SomeBundle\Annotations\Permissions;

	<?php

	/**
	* Dashboard controller.
	*
	* @Route("/dashboard")
	*/
	class DefaultController extends Controller
	{

	/**
	* Dashboard page.
	* @Permissions(perm="dashboard_view")
	* @Route("/", name="ITEDashboardBundle_index")
	* @Template()
	* @return array
	*/
	public function indexAction()
	{...}
	}