gistfile1.aw

<?php

namespace Liip\TestBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;

use Symfony\Component\Security\Acl\Domain\ObjectIdentity;
use Symfony\Component\Security\Acl\Domain\UserSecurityIdentity;
use Symfony\Component\Security\Acl\Permission\MaskBuilder;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Liip\TestBundle\Entity\Post;

class DefaultController extends Controller
{
    public function indexAction()
    {
        /**
         * @var $postRepo \Liip\TestBundle\Entity\PostRepository
         * @var $em \Doctrine\ORM\EntityManager
         * @var $securityContext SecurityContext;
         */
        $postRepo = $this->getDoctrine()->getRepository('Liip\TestBundle\Entity\Post');

        $postExists = count ($postRepo->findOneById(1)) === 1;
        if($postExists){

            $post = $postRepo->findOneById(1);

            $securityContext = $this->get('security.context');
            $oid = new ObjectIdentity('class', 'Liip\\TestBundle\\Entity\\Post');

            // check for edit access
            if (false === $securityContext->isGranted('EDIT', $oid)) {
                throw new AccessDeniedException();
            }else{
                echo "Edit Access granted to: <br/><br/> ";
                print_r("<pre>");
                print_r($post);
                print_r("</pre>");
            }
        }else{
            $post = new Post();
            $post->setPost('This post is protected by an ACL and should only be visible to users with the role "ROLE_POST_OWNER"');

            $em = $this->getDoctrine()->getEntityManager();
            $em->persist($post);
            $em->flush();
        }
        return $this->render('LiipTestBundle:Default:index.html.twig');
    }
}