Esempio n. 1
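 /**
  * Runs the RBAC check for the action that is about to be executed.
  *
  * Access to a controller action is restricted by adding the annotations
  * @rbacNeedsAccess, @rbacObject <rbacObjectName> and @rbacAction <rbacActionName>
  * to the action's doc comment.
  *
  * The check is opt-in: an action without @rbacNeedsAccess is not restricted,
  * and no check is performed at all in backend mode.
  */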
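 protected function doRbacCheck()
 {
     // Backend mode is exempt from this check: nothing is looked up and
     // accessDeniedAction() is never reached on this path.
     if (TYPO3_MODE === 'BE') {
         return;
     }

     // Frontend: read the doc-comment tags of the action that is about to run.
     $controllerName = $this->request->getControllerObjectName();
     $actionName = $this->actionMethodName;
     $methodTags = $this->reflectionService->getMethodTagsValues($controllerName, $actionName);

     // Opt-in model: an action without @rbacNeedsAccess is reachable without
     // any RBAC lookup, so a forgotten annotation leaves the action open.
     if (!array_key_exists('rbacNeedsAccess', $methodTags)) {
         return;
     }

     // Fail closed on an incomplete annotation. Previously a missing
     // @rbacObject or @rbacAction raised an undefined-index notice and passed
     // null to the access service, leaving the decision to however the
     // service treats null.
     if (!isset($methodTags['rbacObject'][0], $methodTags['rbacAction'][0])) {
         $this->accessDeniedAction();
         return;
     }

     $accessGranted = $this->rbacAccessControllService->loggedInUserHasAccess(
         $this->extensionName,
         $methodTags['rbacObject'][0],
         $methodTags['rbacAction'][0]
     );

     if (!$accessGranted) {
         // NOTE(review): this method returns nothing, so the denial only holds
         // if accessDeniedAction() itself stops or redirects the request —
         // confirm against its implementation.
         $this->accessDeniedAction();
     }
 }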
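 /**
  * Asks the RBAC service whether the logged-in user has access to the given
  * object/action pair, scoped to the extension name of the current request.
  *
  * @param string $object
  * @param string $action
  * @return bool
  */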
 protected function hasAccess($object, $action)
 {
     // The extension name is taken from the request in the controller context,
     // not from a caller-supplied argument.
     $extensionName = $this->controllerContext
         ->getRequest()
         ->getControllerExtensionName();

     // The decision is delegated entirely to the RBAC service; its result is
     // returned unchanged.
     return $this->rbacService->loggedInUserHasAccess($extensionName, $object, $action);
 }