/**
* Check the given permissions for the given $entityId.
*
* @param EntityId $entityId
* @param string $permission
*
* @throws ItemMergeException if the permission check fails
*/
private function checkPermission(EntityId $entityId, $permission)
{
$status = $this->permissionChecker->getPermissionStatusForEntityId($this->user, $permission, $entityId);
if (!$status->isOK()) {
// XXX: This is silly, we really want to pass the Status object to the API error handler.
// Perhaps we should get rid of ItemMergeException and use Status throughout.
throw new ItemMergeException($status->getWikiText(), 'permissiondenied');
}
}
/**
* Check the rights for the user accessing the module.
*
* @param $entity EntityDocument the entity to check
* @param $user User doing the action
*
* @return Status the check's result
*/
private function checkPermissions(EntityDocument $entity, User $user)
{
$permissions = $this->getRequiredPermissions($entity);
$status = Status::newGood();
foreach (array_unique($permissions) as $perm) {
$permStatus = $this->permissionChecker->getPermissionStatusForEntity($user, $perm, $entity);
$status->merge($permStatus);
}
return $status;
}
