cleaned up the code example

gondo · gondo · commit 081b3c7e9b17 · 2014-08-17T00:59:55.000+02:00
- added final return for `vote()` function
- moved `$user` below attribute check. if attribute fails, we don't need user
- used already declared constants in switch statement, rather than harcoded strings
diff --git a/cookbook/security/voters_data_permission.rst b/cookbook/security/voters_data_permission.rst
@@ -108,36 +108,38 @@ edit a particular object. Here's an example implementation:
             // set the attribute to check against
             $attribute = $attributes[0];
 
-            // get current logged in user
-            $user = $token->getUser();
-
             // check if the given attribute is covered by this voter
             if (!$this->supportsAttribute($attribute)) {
                 return VoterInterface::ACCESS_ABSTAIN;
             }
 
+            // get current logged in user
+            $user = $token->getUser();
+
             // make sure there is a user object (i.e. that the user is logged in)
             if (!$user instanceof UserInterface) {
                 return VoterInterface::ACCESS_DENIED;
             }
 
             switch($attribute) {
-                case 'view':
+                case self::VIEW:
                     // the data object could have for example a method isPrivate()
                     // which checks the Boolean attribute $private
                     if (!$post->isPrivate()) {
                         return VoterInterface::ACCESS_GRANTED;
                     }
                     break;
 
-                case 'edit':
+                case self::EDIT:
                     // we assume that our data object has a method getOwner() to
                     // get the current owner user entity for this data object
                     if ($user->getId() === $post->getOwner()->getId()) {
                         return VoterInterface::ACCESS_GRANTED;
                     }
                     break;
             }
+            
+            return VoterInterface::ACCESS_DENIED;
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -108,36 +108,38 @@ edit a particular object. Here's an example implementation:`
`108`	`108`	`// set the attribute to check against`
`109`	`109`	`$attribute = $attributes[0];`
`110`	`110`
`111`		`- // get current logged in user`
`112`		`- $user = $token->getUser();`
`113`		`-`
`114`	`111`	`// check if the given attribute is covered by this voter`
`115`	`112`	`if (!$this->supportsAttribute($attribute)) {`
`116`	`113`	`return VoterInterface::ACCESS_ABSTAIN;`
`117`	`114`	`}`
`118`	`115`
	`116`	`+ // get current logged in user`
	`117`	`+ $user = $token->getUser();`
	`118`	`+`
`119`	`119`	`// make sure there is a user object (i.e. that the user is logged in)`
`120`	`120`	`if (!$user instanceof UserInterface) {`
`121`	`121`	`return VoterInterface::ACCESS_DENIED;`
`122`	`122`	`}`
`123`	`123`
`124`	`124`	`switch($attribute) {`
`125`		`- case 'view':`
	`125`	`+ case self::VIEW:`
`126`	`126`	`// the data object could have for example a method isPrivate()`
`127`	`127`	`// which checks the Boolean attribute $private`
`128`	`128`	`if (!$post->isPrivate()) {`
`129`	`129`	`return VoterInterface::ACCESS_GRANTED;`
`130`	`130`	`}`
`131`	`131`	`break;`
`132`	`132`
`133`		`- case 'edit':`
	`133`	`+ case self::EDIT:`
`134`	`134`	`// we assume that our data object has a method getOwner() to`
`135`	`135`	`// get the current owner user entity for this data object`
`136`	`136`	`if ($user->getId() === $post->getOwner()->getId()) {`
`137`	`137`	`return VoterInterface::ACCESS_GRANTED;`
`138`	`138`	`}`
`139`	`139`	`break;`
`140`	`140`	`}`
	`141`	`+`
	`142`	`+ return VoterInterface::ACCESS_DENIED;`
`141`	`143`	`}`
`142`	`144`	`}`
`143`	`145`