getSessionRepository()->find($id);

        // Unknown id: answer 404 before any ownership check runs.
        // NOTE(review): presumably abort() throws, so nothing below runs on a null
        // $session; otherwise the getUser() call further down would dereference null.
        // NOTE(review): 404 here versus 403 below lets a caller tell "no such session"
        // apart from "someone else's session"; confirm that distinction is acceptable.
        if (null === $session) {
            $this->app->abort(404, 'Unknown session');
        }

        // A session with no user attached cannot belong to the caller, so it is refused
        // rather than treated as deletable by anyone.
        if (null === $session->getUser()) {
            $this->app->abort(403, 'Unauthorized');
        }

        // Ownership check: only the user the session belongs to may delete it. This is
        // the guard that stops one account from removing another account's sessions by
        // supplying a different $id.
        // NOTE(review): `!==` is type-sensitive; if one getId() returns a string and the
        // other an int this always denies (fails closed). Confirm both return the same type.
        if ($session->getUser()->getId() !== $this->getAuthenticatedUser()->getId()) {
            $this->app->abort(403, 'Unauthorized');
        }

        // All checks passed: remove the session entity and flush the entity manager.
        // NOTE(review): this is a state-changing action; the route's HTTP method and any
        // CSRF protection are not visible in this part of the file. Confirm both.
        $manager = $this->getEntityManager();
        $manager->remove($session);
        $manager->flush();

        // XHR callers get a JSON acknowledgement carrying the id that was passed in.
        if ($request->isXmlHttpRequest()) {
            return $this->app->json([
                'success' => true,
                'session_id' => $id
            ]);
        }

        // Regular requests are redirected to the 'account_sessions' path.
        return $this->app->redirectPath('account_sessions');
    }

    /**
     * Returns the session repository stored in the application container under
     * the 'repo.sessions' key.
     *
     * @return SessionRepository
     */
    private function getSessionRepository()
    {
        return $this->app['repo.sessions'];
    }
}