pregmatch

Reputation: 2647

What does Symfony2 access_control really do?

Let's say that I have three roles:

1) ADMIN_ROLE
2) USER_ROLE
3) COMPANY_ROLE 

Now I have bundles for each of those roles.

1) AdminBundle
2) UserBundle
3) CompanyBundle

I have three routes

1) /admin
2) /user
3) /company

I do not want to check who the user is (what his role is) in every controller in every bundle. Will this part of Symfony security do that for me:

- { path: ^/admin, roles: ROLE_ADMIN } # only ROLE_ADMIN will be able to see this
- { path: ^/user, roles: ROLE_USER } # only ROLE_USER will be able to see this
- { path: ^/company, roles: ROLE_COMPANY } # only ROLE_COMPANY will be able to see this

My questions are:

1) Is it possible to have ROLE_COMPANY (or any other custom role for that matter)?

2) Will access_control check the logged-in user's roles and, let's say I am ROLE_ADMIN and trying to access some page that is for ROLE_USER, will Symfony handle that and say "this is not for admin, this is for user"?

3) If Symfony cannot handle this for me, is it possible to have some event listener on every page open/refresh that will check this for me?

I do not want to check in every controller who the logged-in user is. It is kind of stupid.

Upvotes: 0

Views: 114

Answers (1)

Igor Pantović

Reputation: 9246

  1. Yes
  2. Yes (you can define a hierarchy too, so you can make ROLE_ADMIN able to access all of its child roles). For example, you can make ROLE_ADMIN able to access all ROLE_USER and ROLE_ADMIN protected routes, but let ROLE_USER only access its own routes. (Docs)
  3. You can still create a listener, but it will do it for you

Upvotes: 2
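
Added example, not part of the original question or answer: a security configuration fragment combining the three access_control rules from the question with the role hierarchy the answer mentions. The file path and the choice of which roles ROLE_ADMIN inherits are assumptions; the firewall and user provider sections are left out.

```yaml
# app/config/security.yml (assumed Symfony2 standard location)
security:
    role_hierarchy:
        # Optional. With this line a user holding ROLE_ADMIN is also treated
        # as holding ROLE_USER, so an admin passes the ^/user rule below.
        # Remove it to keep the areas strictly separate: an admin who holds
        # only ROLE_ADMIN then gets a 403 (access denied) on /user.
        ROLE_ADMIN: ROLE_USER

    access_control:
        # Rules are evaluated top to bottom and only the first rule whose
        # path regex matches the request is applied.
        # Custom names such as ROLE_COMPANY work with the default role
        # voter as long as they start with "ROLE_".
        - { path: ^/admin,   roles: ROLE_ADMIN }
        - { path: ^/user,    roles: ROLE_USER }
        - { path: ^/company, roles: ROLE_COMPANY }
        # "path" is a regular expression: ^/user also matches /users or
        # /user-export. Anchor it (for example ^/user(/|$)) if sibling
        # routes must not inherit the same rule.
```

Any URL that matches none of the listed patterns is not restricted by access_control, so new route prefixes need their own rule.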
