/**
* @param RequestDto $dto
* @param $commandHandler
* @return bool
*/
protected function checkAccess(RequestDto $dto, CommandHandlerInterface $commandHandler)
{
/** @var Config $config */
$config = Registry::get('container')['config'];
$acl = $commandHandler->getAcl();
if (CommandHandlerInterface::ACL_ANY === $acl) {
return true;
} elseif (CommandHandlerInterface::ACL_ADMIN === $acl) {
$currentUser = $dto->getUser();
$currentUserName = $this->slackFacade->getUserNameById($currentUser);
$admins = $config->getEntry('acl.admins') ?: [];
if (0 === count($admins)) {
return false;
}
return in_array($currentUserName, $admins);
} else {
if (!is_array($acl)) {
throw new \RuntimeException('Wrong ACL format: array expected');
}
$currentUser = $dto->getUser();
$aclUsers = [];
foreach ($acl as $aclItem) {
$aclUsers = array_merge($aclUsers, $this->slackFacade->getRecipientUsersIds($aclItem));
}
$aclUsers = array_unique($aclUsers);
return in_array($currentUser, $aclUsers);
}
}
