Twig Extension to grant access based on path

services.yml

services:
    tentacode_foobar_user.twig.user_extension:
        class: Tentacode\Foobar\UserBundle\Twig\UserExtension
        tags:
            - { name: twig.extension }
        arguments:
            - @security.access_map
            - @security.context
            - @security.access.decision_manager

UserExtension.php

<?php

namespace Tentacode\Foobar\UserBundle\Twig;

use Twig_Extension;
use Twig_Function_Method;

use Symfony\Component\HttpFoundation\Request;

use Symfony\Component\Security\Http\AccessMap;
use Symfony\Component\Security\Core\SecurityContext;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManager;

class UserExtension extends Twig_Extension
{
    protected $map;

    protected $securityContext;

    protected $adm;

    public function __construct(AccessMap $map, SecurityContext $securityContext, AccessDecisionManager $adm)
    {
        $this->map = $map;
        $this->securityContext = $securityContext;
        $this->adm = $adm;
    }

    public function getFunctions()
    {
        return array(
            'access_granted' => new Twig_Function_Method($this, 'isAccessGranted'),
        );
    }

    public function isAccessGranted($path)
    {
        if (null === $token = $this->securityContext->getToken()) { 
            return true; 
        } 

        if(preg_match('/^\/[a-z_]+\.php(.*)$/', $path, $result)) {
            $path = $result[1];
        }

        $request = Request::create($path);

        list($attributes, $channel) = $this->map->getPatterns($request);

        if (null === $attributes) { 
            return true; 
        } 

        if (!$token->isAuthenticated()) { 
            return false; 
        } 

        return $this->adm->decide($token, $attributes, $request); 
    }

    public function getName()
    {
        return 'user';
    }
}