public function buildResourceString(\Zend\Mvc\Router\RouteMatch $routeMatch, $request)
{
$resourceString = parent::buildResourceString($routeMatch, $request);
if ($this->isSupported($resourceString, $request)) {
return $this->getModelResource($routeMatch, $request, $resourceString);
} else {
return $resourceString;
}
}
/**
*
* @param MvcEvent $event
* @return bool
*/
public function isGranted(MvcEvent $event)
{
$rules = $this->getRules();
$routeMatch = $event->getRouteMatch();
$request = $event->getRequest();
if (!$request instanceof HttpRequest) {
return true;
}
$method = $request->getMethod();
$resource = $this->resourceResolver->buildResourceString($routeMatch, $request);
// If no resource could be identified, it is considered as granted (this guard does not apply).
if (!$resource) {
return true;
}
list($controller, $group) = explode('::', $resource);
// If it's an RPC call and not a REST controller, , it is considered as granted (this guard does not apply).
if (!in_array($group, ['entity', 'collection'])) {
return true;
}
// If no rules apply, it is considered as granted or not based on the protection policy.
if (!isset($rules[$controller][$group][$method])) {
return $this->getProtectionPolicy() === self::POLICY_ALLOW;
}
$actions = $rules[$controller][$group][$method];
if (is_string($actions)) {
$actions = [$actions];
}
if (is_array($actions)) {
$and = true;
foreach ($actions as $action) {
$and = $and && $this->authorizationService->isGranted($action);
}
$actions = $and;
}
return (bool) $actions;
}
