/** * Process security check function * * @param array $params * @param \Smarty $smarty * @return string no text is returned. * @throws \Thelia\Core\Security\Exception\AuthenticationException * @throws AuthenticationException * @throws AuthorizationException */ public function checkAuthFunction($params, &$smarty) { $roles = $this->explode($this->getParam($params, 'role')); $resources = $this->explode($this->getParam($params, 'resource')); $modules = $this->explode($this->getParam($params, 'module')); $accesses = $this->explode($this->getParam($params, 'access')); if (!$this->securityContext->isGranted($roles, $resources, $modules, $accesses)) { if (null === $this->securityContext->checkRole($roles)) { // The current user is not logged-in. $ex = new AuthenticationException(sprintf("User not granted for roles '%s', to access resources '%s' with %s.", implode(',', $roles), implode(',', $resources), implode(',', $accesses))); $loginTpl = $this->getParam($params, 'login_tpl'); if (null != $loginTpl) { $ex->setLoginTemplate($loginTpl); } } else { // We have a logged-in user, who do not have the proper permission. Issue an AuthorizationException. $ex = new AuthorizationException(sprintf("User not granted for roles '%s', to access resources '%s' with %s.", implode(',', $roles), implode(',', $resources), implode(',', $accesses))); } throw $ex; } return ''; }