/**
* Authorize and authenticate on API method
*
* @param ActionDispatchEvent $event
*/
public function authorize(ActionDispatchEvent $event)
{
$callable = $event->getCallable();
if (!$callable->isMethod() && !$callable->isMethodStatic()) {
// Native function or \Closure
return;
}
$class = $callable->getReflection()->getDeclaringClass()->getName();
$method = $callable->getReflection()->getName();
$parameters = $event->getParameters();
$action = $event->getAction();
foreach ($action->getSecurityGroups() as $group) {
$authorized = $this->authorizationChecker->isGrantedMethodCall($class, $method, $parameters, [], $group);
if (!$authorized) {
throw new AccessDeniedException();
}
}
}
/**
* On pre dispatch event
*
* @param ActionDispatchEvent $event
*/
public function onPreDispatch(ActionDispatchEvent $event)
{
$message = sprintf('Match callable "%s" for action "%s".', Reflection::getCalledMethod($event->getCallable()->getReflection()), $event->getAction()->getName());
$this->logger->debug($message);
}
