研究一下这个方法就能知道它是如何工作的

protected function denyAccessUnlessGranted($attributes, $object = null, $message = 'Access Denied.')
{
    if (!$this->isGranted($attributes, $object)) {
        throw $this->createAccessDeniedException($message);
    }
}

这样你就可以很容易地将其应用到你的案例中
在您的控制器中，例如：

if(!$this->isGranted('ROLE_EDIT', $item) && !$this->isGranted('ROLE_OTHER', $item)){
    throw $this->createAccessDeniedException('not allowed');
}

denyAccessUnlessGranted接受角色名称数组，因此

$this->denyAccessUnlessGranted(['ROLE_EDIT', 'ROLE_ADMIN'], $item, 'You cannot edit this item.');

所以你应该能通过所有的角色
克雷格

我使用的是Symfony 6.2，我的控制器扩展了一个基本控制器，我用它来添加额外的功能。其中之一是检查用户角色的方法，它可以使用一个或多个。

/**
 * Check user access permissions. If an array is supplied for $role, and $mustHaveAllRoles
 * is set to true, then the user must have all the roles. If $mustHaveAllRoles is false
 * then they must only have at least one of the listed roles.
 */
protected function checkAccess(array|string $role, bool $mustHaveAllRoles=true)
{    
    if (is_array($role)) {
        // We have several roles to check. By default they must have ALL the roles listed.
        $valid = true;
        foreach($role as $singleRole){
            if ($this->isGranted($singleRole)) {
                if (!$mustHaveAllRoles) {
                    return;
                }
            }else{
                $valid = false; // At least one role is not found for this user.
            }
        }
        if (!$valid) {
            throw $this->createAccessDeniedException();
        }
    }else{
        // Only one role was supplied. Check it.
        $this->denyAccessUnlessGranted($role);
    }
    
}

从控制器方法的顶部调用它，如下所示：

$this->checkAccess(['ROLE_USER_VERIFIED', 'ROLE_ADMIN']);