/**
* @param string $resource
* @param string $actionName
* @param array|null $payload
* @param string[] $roles
*
* @throws AccessDeniedHttpException
*/
public function validate($resource, $actionName, $payload, $roles)
{
if (!$this->permissions->isReadable($resource, $actionName, $roles)) {
throw new AccessDeniedHttpException('You are not allowed to access this resource');
}
if ($payload) {
if (!$this->permissions->isWritable($resource, $actionName, $roles)) {
throw new AccessDeniedHttpException('You are not allowed to access this resource');
}
foreach ($payload as $field => $value) {
if (!$this->permissions->isWritable($resource . ':' . $field, $actionName, $roles)) {
throw new AccessDeniedHttpException('You are not allowed to access this resource');
}
}
}
}
