/**
* Checks the access.
*
* @param Request $request Incoming request
* @return boolean Indicates if an operator has access or not.
*/
public function __invoke(Request $request)
{
// Check if the operator is logged in
if (!parent::__invoke($request)) {
return false;
}
$operator = $this->getOperator();
$target_operator_id = $request->attributes->getInt('operator_id', false);
return is_capable(CAN_ADMINISTRATE, $operator) || is_capable(CAN_MODIFYPROFILE, $operator) && $operator['operatorid'] == $target_operator_id;
}
/**
* Checks the access.
*
* @param Request $request Incoming request
* @return boolean Indicates if an operator has access or not.
*/
public function __invoke(Request $request)
{
// Check if the operator is logged in
if (!parent::__invoke($request)) {
return false;
}
$operator = $this->getOperator();
$permissions = $request->attributes->get('_access_permissions', array());
foreach ($permissions as $permission) {
if (!is_capable($this->resolvePermission($permission), $operator)) {
return false;
}
}
return true;
}
