/**
* {@inheritdoc}
*/
public function callAction($controller, $action = '', array $parameters = [])
{
if (!isset($this->config->controllers()[$controller])) {
throw new ControllerException("Undefined vault controller '{$controller}'", ControllerException::NOT_FOUND);
}
$permission = "{$this->config->securityNamespace()}.{$controller}";
if (!$this->guard()->allows($permission, compact('action'))) {
throw new ControllerException("Unreachable vault controller '{$controller}'", ControllerException::FORBIDDEN);
}
return $this->executeController($controller, $action, $parameters);
}
/**
* @param PermissionsInterface $permissions
* @param VaultConfig $config
*/
public function boot(PermissionsInterface $permissions, VaultConfig $config)
{
if (!$permissions->hasRole(static::ROLE)) {
$permissions->addRole(static::ROLE);
}
$namespace = $config->securityNamespace();
//Following rule will raise log message to notify that insecure setting were used
$permissions->associate(static::ROLE, "{$namespace}.*", InsecureRule::class);
$permissions->associate(static::ROLE, "{$namespace}.*.*", InsecureRule::class);
$permissions->associate(static::ROLE, "{$namespace}.*.*.*", InsecureRule::class);
$permissions->associate(static::ROLE, "{$namespace}.*.*.*.*", InsecureRule::class);
}
