/**
 * Verify that the current consumer may access the route matched for this request.
 *
 * The route is resolved through the router and its ACL resource list is handed to
 * the authorization service. No authentication step is visible in this method;
 * presumably the authorization service resolves the caller's identity - confirm.
 *
 * @throws \Magento\Framework\Exception\AuthorizationException when the ACL check fails
 * @return void
 */
private function checkPermissions()
{
    $matchedRoute = $this->router->match($this->request);
    if ($this->authorization->isAllowed($matchedRoute->getAclResources())) {
        return;
    }

    // NOTE(review): the denial message lists the ACL resources the route requires.
    // Confirm that exposing these names to a caller that failed the check is intended.
    $messageParams = ['resources' => implode(', ', $matchedRoute->getAclResources())];
    throw new AuthorizationException(__(AuthorizationException::NOT_AUTHORIZED, $messageParams));
}
/**
 * Verify that the current consumer may access the current route.
 *
 * Fetches the current route, then asks the authorization service whether the
 * route's ACL resources are allowed. Authentication itself is not performed in
 * this method's visible code.
 *
 * @throws \Magento\Framework\Exception\AuthorizationException when the ACL check fails
 * @return void
 * @deprecated
 * @see \Magento\Webapi\Controller\Rest\RequestValidator::checkPermissions
 */
protected function checkPermissions()
{
    $currentRoute = $this->getCurrentRoute();
    $isPermitted = $this->authorization->isAllowed($currentRoute->getAclResources());
    if ($isPermitted) {
        return;
    }

    // NOTE(review): the denial message names the ACL resources guarding the route;
    // confirm that returning them to an unauthorized consumer is acceptable.
    $resourceList = implode(', ', $currentRoute->getAclResources());
    throw new AuthorizationException(
        __('Consumer is not authorized to access %resources', ['resources' => $resourceList])
    );
}
/**
 * Verify that the current consumer may access the current route.
 *
 * The ACL resources declared on the current route are checked against the
 * authorization service; a failed check aborts the request with an exception.
 * No separate authentication step appears in this method.
 *
 * @throws \Magento\Framework\Exception\AuthorizationException when the ACL check fails
 * @return void
 */
protected function checkPermissions()
{
    $currentRoute = $this->getCurrentRoute();
    if ($this->authorization->isAllowed($currentRoute->getAclResources())) {
        return;
    }

    // The message template receives the comma-separated ACL resource names.
    // NOTE(review): confirm that disclosing them in the error is intended.
    $placeholders = ['resources' => implode(', ', $currentRoute->getAclResources())];
    throw new AuthorizationException(__(AuthorizationException::NOT_AUTHORIZED, $placeholders));
}
/**
 * Build metadata for the requested services, limited to what the current user may see.
 *
 * For each requested service, every method whose ACL resources fail the
 * authorization check is dropped. A service left with no methods is omitted from
 * the result entirely; otherwise its restricted routes are removed before it is
 * added under its service name.
 *
 * @param string[] $requestedServices
 * @return array
 */
protected function getAllowedServicesMetadata($requestedServices)
{
    $visibleServices = [];
    foreach ($requestedServices as $serviceName) {
        $metadata = $this->getServiceMetadata($serviceName);

        // Filter per method, so a partially permitted service is still listed.
        foreach ($metadata[ServiceMetadata::KEY_SERVICE_METHODS] as $methodName => $methodData) {
            $isVisible = $this->authorization->isAllowed($methodData[ServiceMetadata::KEY_ACL_RESOURCES]);
            if ($isVisible) {
                continue;
            }
            unset($metadata[ServiceMetadata::KEY_SERVICE_METHODS][$methodName]);
        }

        // Skip the service when none of its methods passed the ACL check.
        if (empty($metadata[ServiceMetadata::KEY_SERVICE_METHODS])) {
            continue;
        }

        // NOTE(review): presumably takes $metadata by reference, since the return
        // value is not used - verify against removeRestrictedRoutes().
        $this->removeRestrictedRoutes($metadata);
        $visibleServices[$serviceName] = $metadata;
    }

    return $visibleServices;
}
/**
 * Dispatch a SOAP operation to the service method configured for it.
 *
 * The service class and method that get invoked are taken from the API config
 * lookup result rather than from $operation itself. Two checks run before
 * dispatch, in this order: the transport check (operations flagged secure
 * require HTTPS) and the ACL check for the consumer.
 *
 * @param string $operation
 * @param array $arguments
 * @return \stdClass|null
 * @throws WebapiException when a secure operation is requested without HTTPS
 * @throws \LogicException
 * @throws AuthorizationException when the ACL check fails
 */
public function __call($operation, $arguments)
{
    $methodInfo = $this->_apiConfig->getServiceMethodInfo(
        $operation,
        $this->_request->getRequestedServices()
    );
    $serviceClass = $methodInfo[ServiceMetadata::KEY_CLASS];
    $serviceMethod = $methodInfo[ServiceMetadata::KEY_METHOD];

    // Refuse operations flagged secure unless the request arrived over HTTPS.
    $requiresHttps = $methodInfo[ServiceMetadata::KEY_IS_SECURE];
    if ($requiresHttps && !$this->_request->isSecure()) {
        throw new WebapiException(__("Operation allowed only in HTTPS"));
    }

    // The ACL check happens before the service object is fetched or any input is prepared.
    if (!$this->authorization->isAllowed($methodInfo[ServiceMetadata::KEY_ACL_RESOURCES])) {
        // NOTE(review): the message names the required ACL resources; confirm that
        // returning them to an unauthorized consumer is acceptable.
        $deniedResources = implode(', ', $methodInfo[ServiceMetadata::KEY_ACL_RESOURCES]);
        throw new AuthorizationException(
            __('Consumer is not authorized to access %resources', ['resources' => $deniedResources])
        );
    }

    $service = $this->_objectManager->get($serviceClass);
    $inputData = $this->_prepareRequestData($serviceClass, $serviceMethod, $arguments);
    $rawResult = call_user_func_array([$service, $serviceMethod], $inputData);

    return $this->_prepareResponseData($rawResult, $serviceClass, $serviceMethod);
}