/**
* The policy enforcement advice. This advices applies the security enforcement interceptor to all methods configured in the policy.
* Note: If we have some kind of "run as" functionality in the future, we would have to manipulate the security context
* before calling the policy enforcement interceptor
*
* @Flow\Around("filter(TYPO3\Flow\Security\Authorization\Privilege\Method\MethodPrivilegePointcutFilter)")
* @param JoinPointInterface $joinPoint The current joinpoint
* @return mixed The result of the target method if it has not been intercepted
*/
public function enforcePolicy(JoinPointInterface $joinPoint)
{
if ($this->securityContext->areAuthorizationChecksDisabled() !== true) {
$this->policyEnforcementInterceptor->setJoinPoint($joinPoint);
$this->policyEnforcementInterceptor->invoke();
}
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
/**
* The policy enforcement advice. This advices applies the security enforcement interceptor to all methods configured in the policy.
* Note: If we have some kind of "run as" functionality in the future, we would have to manipulate the security context
* before calling the policy enforcement interceptor
*
* @Flow\Around("setting(TYPO3.Flow.security.enable) && filter(TYPO3\Flow\Security\Policy\PolicyService)")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint
* @return mixed The result of the target method if it has not been intercepted
*/
public function enforcePolicy(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
if ($this->securityContext->areAuthorizationChecksDisabled() !== TRUE) {
$this->policyEnforcementInterceptor->setJoinPoint($joinPoint);
$this->policyEnforcementInterceptor->invoke();
}
$result = $joinPoint->getAdviceChain()->proceed($joinPoint);
// @TODO Once we use the AfterInvocation again, it needs to be invoked here and its result returned instead.
return $result;
}
