public function beforeExecuteRoute(Event $event, Api $api) { $collection = $api->getMatchedCollection(); $endpoint = $api->getMatchedEndpoint(); if (!$collection || !$endpoint) { return; } $allowed = $this->acl->isAllowed($this->userService->getRole(), $collection->getIdentifier(), $endpoint->getIdentifier()); if (!$allowed) { throw new Exception(ErrorCodes::ACCESS_DENIED); } }