/**
  * @param RequestInterpreterInterface $interpreter
  * @param AuthorizerInterface $authorizer
  * @param RequestInterface $request
  * @return ErrorCollection|bool
  *      errors if the request is not authorized, true if authorized.
  */
 protected function checkAuthorization(RequestInterpreterInterface $interpreter, AuthorizerInterface $authorizer, RequestInterface $request)
 {
     $parameters = $request->getParameters();
     $document = $request->getDocument();
     $record = $request->getRecord();
     $authorized = true;
     /** Index */
     if ($interpreter->isIndex()) {
         $authorized = $authorizer->canReadMany($parameters);
     } elseif ($interpreter->isCreateResource()) {
         $authorized = $authorizer->canCreate($document->getResource(), $parameters);
     } elseif ($interpreter->isReadResource()) {
         $authorized = $authorizer->canRead($record, $parameters);
     } elseif ($interpreter->isUpdateResource()) {
         $authorized = $authorizer->canUpdate($record, $document->getResource(), $parameters);
     } elseif ($interpreter->isDeleteResource()) {
         $authorized = $authorizer->canDelete($record, $parameters);
     } elseif ($interpreter->isReadRelatedResource()) {
         $authorized = $authorizer->canReadRelatedResource($interpreter->getRelationshipName(), $record, $parameters);
     } elseif ($interpreter->isReadRelationship()) {
         $authorized = $authorizer->canReadRelationship($interpreter->getRelationshipName(), $record, $parameters);
     } elseif ($interpreter->isModifyRelationship()) {
         $authorized = $authorizer->canModifyRelationship($interpreter->getRelationshipName(), $record, $document->getRelationship(), $parameters);
     }
     return $authorized ?: $authorizer->getErrors();
 }
Exemplo n.º 2
0
 /**
  * @param ValidatorProviderInterface $validators
  * @param RequestInterpreterInterface $interpreter
  * @param RequestInterface $request
  * @return DocumentValidatorInterface|null
  */
 private function documentAcceptanceValidator(ValidatorProviderInterface $validators, RequestInterpreterInterface $interpreter, RequestInterface $request)
 {
     $resourceType = $request->getResourceType();
     $resourceId = $interpreter->getResourceId();
     $relationshipName = $interpreter->getRelationshipName();
     $record = $request->getRecord();
     /** Create Resource */
     if ($interpreter->isCreateResource()) {
         return $validators->createResource($resourceType);
     } elseif ($interpreter->isUpdateResource()) {
         return $validators->updateResource($resourceType, $resourceId, $record);
     } elseif ($interpreter->isModifyRelationship()) {
         return $validators->modifyRelationship($resourceType, $resourceId, $relationshipName, $record);
     }
     return null;
 }