public function existsUserRight($userId, $rightId, $forObject, $withId)
{
Assertion::nullOrInteger($userId);
Assertion::integer($rightId);
Assertion::nullOrString($forObject);
//If there is no forObject, there can not be an withId
if ($forObject === null) {
Assertion::same($withId, null);
} else {
Assertion::nullOrString($withId);
}
if ($userId !== null && !$this->userService->existsUserById($userId)) {
throw new UserDoesNotExistException();
}
if (!$this->rightService->existsRightById($rightId)) {
throw new RightNotFoundException();
}
return $this->getORMUserRight($userId, $rightId, $forObject, $withId) !== null;
}
/**
* @inheritdoc
*/
public function readAndVerifyUserFromAuthorizationHeader($authorizationHeaderValue)
{
Assertion::string($authorizationHeaderValue);
if (empty($authorizationHeaderValue)) {
return null;
}
try {
$credentials = $this->authorizationHeaderService->parseAuthorizationHeaderString($authorizationHeaderValue);
} catch (AHSInvalidAuthorizationHeaderException $e) {
throw new InvalidAuthorizationHeaderException($e->getMessage());
}
try {
$user = $this->userService->getUserByIdentifier($credentials->getUserIdentifier());
} catch (UserDoesNotExistException $e) {
throw new InvalidUserException('User not found or password does not match');
}
$verified = $this->passwordService->verify($credentials->getPassword(), $user->getPasswordHash());
if (!$verified) {
throw new InvalidUserException('User not found or password does not match');
}
return $user;
}
