/** * The policy enforcement advice. This advices applies the security enforcement interceptor to all methods configured in the policy. * Note: If we have some kind of "run as" functionality in the future, we would have to manipulate the security context * before calling the policy enforcement interceptor * * @Flow\Around("filter(TYPO3\Flow\Security\Authorization\Privilege\Method\MethodPrivilegePointcutFilter)") * @param JoinPointInterface $joinPoint The current joinpoint * @return mixed The result of the target method if it has not been intercepted */ public function enforcePolicy(JoinPointInterface $joinPoint) { if ($this->securityContext->areAuthorizationChecksDisabled() !== true) { $this->policyEnforcementInterceptor->setJoinPoint($joinPoint); $this->policyEnforcementInterceptor->invoke(); } return $joinPoint->getAdviceChain()->proceed($joinPoint); }
/** * The policy enforcement advice. This advices applies the security enforcement interceptor to all methods configured in the policy. * Note: If we have some kind of "run as" functionality in the future, we would have to manipulate the security context * before calling the policy enforcement interceptor * * @Flow\Around("setting(TYPO3.Flow.security.enable) && filter(TYPO3\Flow\Security\Policy\PolicyService)") * @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint * @return mixed The result of the target method if it has not been intercepted */ public function enforcePolicy(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint) { if ($this->securityContext->areAuthorizationChecksDisabled() !== TRUE) { $this->policyEnforcementInterceptor->setJoinPoint($joinPoint); $this->policyEnforcementInterceptor->invoke(); } $result = $joinPoint->getAdviceChain()->proceed($joinPoint); // @TODO Once we use the AfterInvocation again, it needs to be invoked here and its result returned instead. return $result; }