/** * {@inheritDoc} */ public function checkArgumentsEnabled(ActionDispatchEvent $event) { if (!$event->getAction()->isCheckEnabled()) { // Disable check enabled. return; } $parameters = $event->getParameters(); foreach ($parameters as $parameter) { if (is_object($parameter) && $this->enabledChecker->isSupported($parameter)) { $this->enabledChecker->check($parameter); } } }
/** * Authorize and authenticate on API method * * @param ActionDispatchEvent $event */ public function authorize(ActionDispatchEvent $event) { $callable = $event->getCallable(); if (!$callable->isMethod() && !$callable->isMethodStatic()) { // Native function or \Closure return; } $class = $callable->getReflection()->getDeclaringClass()->getName(); $method = $callable->getReflection()->getName(); $parameters = $event->getParameters(); $action = $event->getAction(); foreach ($action->getSecurityGroups() as $group) { $authorized = $this->authorizationChecker->isGrantedMethodCall($class, $method, $parameters, [], $group); if (!$authorized) { throw new AccessDeniedException(); } } }