The previous ways of controlling routes are powerful and relatively flexible, but static. We are hardcoding the rules into a file and expect the incoming user to abide by them. However, what if things are more complicated than that, and we need a more dynamic approach? Trust me, things get complicated, fast. We can use the _custom_access option of the route requirements.
In this subsection, we will see how these work and how we can create our custom access checkers; just something simple to demonstrate the process. Then, we will see a more advanced implementation that will have us work a bit with routes programmatically.
There are two ways custom access checkers can be created and used with a route, and they both involve creating a class. The way this class is used makes the distinction: we can either reference it directly (statically) or make it into a service and reference it like so. We will see an example of both later in this chapter.
To demonstrate, let's say that we want to make sure that our Hello World route is only accessible to users who don't have a specific role—editor. Doesn't make much sense, but it's a simple example we can run with.