author | Igor Scheller <igor.scheller@igorshp.de> | 2018-11-14 02:17:27 +0100 |
---|---|---|
committer | msquare <msquare@notrademark.de> | 2018-12-02 12:53:31 +0100 |
commit | c9d7e88cc70b6ad124c28be479a6e64c4b174ea6 (patch) | |
tree | ee4a37c27b05c1ef4ccc6a01cc088b510f5084ef /src/Middleware | |
parent | 55beca95cd8d6ecfe610daea304c8374a10485af (diff) |
Implemented controller permissions
Diffstat (limited to 'src/Middleware')
-rw-r--r-- | src/Middleware/CallableHandler.php | 8 | ||||
-rw-r--r-- | src/Middleware/RequestHandler.php | 45 |
2 files changed, 53 insertions, 0 deletions
diff --git a/src/Middleware/CallableHandler.php b/src/Middleware/CallableHandler.php index eb493bf1..0bb666a3 100644 --- a/src/Middleware/CallableHandler.php +++ b/src/Middleware/CallableHandler.php @@ -74,4 +74,12 @@ class CallableHandler implements MiddlewareInterface, RequestHandlerInterface $response = $this->container->get('response'); return $response->withContent($return); } + + /** + * @return callable + */ + public function getCallable() + { + return $this->callable; + } } diff --git a/src/Middleware/RequestHandler.php b/src/Middleware/RequestHandler.php index ebe1ff9e..b0fc664f 100644 --- a/src/Middleware/RequestHandler.php +++ b/src/Middleware/RequestHandler.php @@ -3,6 +3,9 @@ namespace Engelsystem\Middleware; use Engelsystem\Application; +use Engelsystem\Controllers\BaseController; +use Engelsystem\Helpers\Authenticator; +use Engelsystem\Http\Exceptions\HttpForbidden; use InvalidArgumentException; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; @@ -37,6 +40,14 @@ class RequestHandler implements MiddlewareInterface $requestHandler = $request->getAttribute('route-request-handler'); $requestHandler = $this->resolveRequestHandler($requestHandler); + if ($requestHandler instanceof CallableHandler) { + $callable = $requestHandler->getCallable(); + + if (is_array($callable) && $callable[0] instanceof BaseController) { + $this->checkPermissions($callable[0], $callable[1]); + } + } + if ($requestHandler instanceof MiddlewareInterface) { return $requestHandler->process($request, $handler); } @@ -49,6 +60,8 @@ class RequestHandler implements MiddlewareInterface } /** + * Resolve the given class + * * @param string|callable|MiddlewareInterface|RequestHandlerInterface $handler * @return MiddlewareInterface|RequestHandlerInterface */ 
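Review bot: `getCallable()` in CallableHandler.php declares its return type only in the docblock, while `checkPermissions()`, added by the same commit, uses native parameter and return types. If the constructor (outside this hunk) only ever stores a callable, the signature can be `public function getCallable(): callable`. The docblock could then say why the accessor exists: RequestHandler reads it to find the controller whose permissions must be checked before dispatch.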
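Review bot: In `process()` in RequestHandler.php the permission check runs only when the resolved handler is a `CallableHandler` wrapping a `[BaseController, method]` array; every other handler shape is dispatched with no check at all. A controller reached through a closure or as an invokable object would run without its declared permissions being consulted; whether any route is registered that way is not visible here. At minimum the block should carry a comment such as `// Only [controller, method] callables are permission-checked; any other handler is dispatched unchecked`. A test should also pin that a controller action with permissions cannot be routed through an unchecked shape. The rest of `process()` lies outside the hunk.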
@@ -76,4 +89,36 @@ class RequestHandler implements MiddlewareInterface return $this->resolveMiddleware($handler); } + + /** + * Check required page permissions + * + * @param BaseController $controller + * @param string $method + * @return bool + */ + protected function checkPermissions(BaseController $controller, string $method): bool + { + /** @var Authenticator $auth */ + $auth = $this->container->get('auth'); + $permissions = $controller->getPermissions(); + + // Merge action permissions + if (isset($permissions[$method])) { + $permissions = array_merge($permissions, (array)$permissions[$method]); + } + + foreach ($permissions as $key => $permission) { + // Skip all action permission entries + if (!is_int($key)) { + continue; + } + + if (!$auth->can($permission)) { + throw new HttpForbidden(); + } + } + + return true; + } } |
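Review bot: The per-action lookup `isset($permissions[$method])` in `checkPermissions()` is an exact, case-sensitive key match, but PHP resolves method names case-insensitively. A route whose method name differs in case from the key in `getPermissions()` would still dispatch while its action-specific permissions are silently skipped. Normalising both sides closes that gap: `$permissions = array_change_key_case($controller->getPermissions());` and `$method = strtolower($method);` (integer keys are left untouched). A controller that returns an empty list lets every request through, which deserves a sentence in the docblock together with `@throws HttpForbidden`, since the method never returns anything but `true`.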