Beispiel #1
0
 /**
  * @param RequestInterpreterInterface $interpreter
  * @param AuthorizerInterface $authorizer
  * @param RequestInterface $request
  * @return ErrorCollection|bool
  *      errors if the request is not authorized, true if authorized.
  */
 protected function checkAuthorization(RequestInterpreterInterface $interpreter, AuthorizerInterface $authorizer, RequestInterface $request)
 {
     $parameters = $request->getParameters();
     $document = $request->getDocument();
     $record = $request->getRecord();
     $authorized = true;
     /** Index */
     if ($interpreter->isIndex()) {
         $authorized = $authorizer->canReadMany($parameters);
     } elseif ($interpreter->isCreateResource()) {
         $authorized = $authorizer->canCreate($document->getResource(), $parameters);
     } elseif ($interpreter->isReadResource()) {
         $authorized = $authorizer->canRead($record, $parameters);
     } elseif ($interpreter->isUpdateResource()) {
         $authorized = $authorizer->canUpdate($record, $document->getResource(), $parameters);
     } elseif ($interpreter->isDeleteResource()) {
         $authorized = $authorizer->canDelete($record, $parameters);
     } elseif ($interpreter->isReadRelatedResource()) {
         $authorized = $authorizer->canReadRelatedResource($interpreter->getRelationshipName(), $record, $parameters);
     } elseif ($interpreter->isReadRelationship()) {
         $authorized = $authorizer->canReadRelationship($interpreter->getRelationshipName(), $record, $parameters);
     } elseif ($interpreter->isModifyRelationship()) {
         $authorized = $authorizer->canModifyRelationship($interpreter->getRelationshipName(), $record, $document->getRelationship(), $parameters);
     }
     return $authorized ?: $authorizer->getErrors();
 }
Beispiel #2
0
 /**
  * @param JsonApiRequest $request
  * @return Paginator|Collection|Model|Response|null
  */
 protected function search(JsonApiRequest $request)
 {
     if (!$this->search) {
         return $this->notImplemented();
     }
     $builder = $this->model->newQuery();
     return $this->search->search($builder, $request->getParameters());
 }
Beispiel #3
0
 /**
  * @param ApiInterface $api
  * @param RequestInterface $request
  * @param FilterValidatorInterface|null $filterValidator
  */
 protected function checkQueryParameters(ApiInterface $api, RequestInterface $request, FilterValidatorInterface $filterValidator = null)
 {
     $parameters = $request->getParameters();
     $this->checkEncodingParameters($api->getHttpFactory(), $parameters, $api);
     if ($filterValidator && $api->getRequestInterpreter()->isIndex()) {
         $this->checkFilterParameters($filterValidator, $parameters);
     }
 }