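/**
 * Fetch everything the users repository returns from findAll(), for admins only.
 *
 * The caller is resolved by passing the identity's role id to
 * findByUsername(). A caller that cannot be resolved to a user object, or
 * whose role is not exactly "admin", gets a 403 problem response instead of
 * the collection.
 *
 * @param array $params Not read by this implementation.
 * @return ApiProblem|mixed ApiProblem (403) when access is denied, otherwise the findAll() result.
 */
public function fetchAll($params = array())
{
    $user = $this->usersRepository->findByUsername($this->getIdentity()->getRoleId());

    // Fail closed. If the lookup yields no user object (e.g. the identity does
    // not map to a stored user) deny access rather than calling getRole() on a
    // non-object. The strict comparison keeps a non-string role such as 0 or
    // true from comparing equal to 'admin' through type juggling.
    // Assumes getRole() returns a string; confirm against the user entity.
    if (!is_object($user) || $user->getRole() !== 'admin') {
        return new ApiProblem(403, "The user has not access to this info.");
    }

    return $this->usersRepository->findAll();
}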
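/**
 * Fetch a single resource by id, for admins only.
 *
 * The caller is resolved by passing the identity's role id to
 * findByUsername() on the same repository that serves the resource. A caller
 * that cannot be resolved to a user object, or whose role is not exactly
 * "admin", gets a 403 problem response.
 *
 * @param mixed $id Identifier handed to the repository's find().
 * @return ApiProblem|mixed ApiProblem (403) when access is denied, otherwise the find() result.
 */
public function fetch($id)
{
    $user = $this->repository->findByUsername($this->getIdentity()->getRoleId());

    // Fail closed: a missing user is treated as "not authorised" instead of
    // reaching getRole() on a non-object. The strict comparison stops a
    // non-string role (0, true) from matching 'admin' via type juggling.
    // Assumes getRole() returns a string; confirm against the user entity.
    if (!is_object($user) || $user->getRole() !== 'admin') {
        // HTTP status passed as an integer rather than the string "403".
        return new ApiProblem(403, "The user has not access to this info.");
    }

    return $this->repository->find($id);
}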
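/**
 * Fetch a single resource by id unless the caller's role is "salesman".
 *
 * The caller is resolved by passing the identity's role id to
 * findByUsername(). Callers that cannot be resolved to a user object, and
 * callers whose role is "salesman", get a 403 problem response.
 *
 * NOTE(review): this is a deny-list. Every role other than "salesman",
 * including any role introduced later and a user whose role is unset, is let
 * through. An allow-list of the roles permitted to read this resource would
 * fail closed instead; confirm the intended set of roles before changing it.
 *
 * @param mixed $id Identifier handed to the repository's find().
 * @return ApiProblem|mixed ApiProblem (403) when access is denied, otherwise the find() result.
 */
public function fetch($id)
{
    $user = $this->repository->findByUsername($this->getIdentity()->getRoleId());

    // Deny when no user object came back instead of calling getRole() on a
    // non-object; an unresolved caller must not fall through to the read.
    if (!is_object($user)) {
        return new ApiProblem(403, 'The user is not has access this info');
    }

    // Assumes getRole() returns a string; confirm against the user entity.
    if ($user->getRole() === 'salesman') {
        return new ApiProblem(403, 'The user is not has access this info');
    }

    return $this->repository->find($id);
}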
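/**
 * Fetch a single resource by id unless the caller's role is "salesman".
 *
 * The caller is looked up with findByUsername(), using the identity's role id
 * as the username. A 403 problem response is returned when that lookup gives
 * no user object or when the user's role is "salesman".
 *
 * NOTE(review): the check is a deny-list, so any role that is not "salesman"
 * (including an unset role or one added in the future) passes. Prefer listing
 * the roles that ARE allowed so that unknown roles are rejected by default;
 * confirm the intended roles first.
 *
 * @param mixed $id Identifier handed to the repository's find().
 * @return ApiProblem|mixed ApiProblem (403) when access is denied, otherwise the find() result.
 */
public function fetch($id)
{
    $identityName = $this->getIdentity()->getRoleId();
    $user = $this->repository->findByUsername($identityName);

    // Fail closed on an unresolved caller, and avoid getRole() on a non-object.
    // Assumes getRole() returns a string; confirm against the user entity.
    $denied = !is_object($user) || $user->getRole() === 'salesman';
    if ($denied) {
        return new ApiProblem(403, "O usuário não tem acesso à essas informações");
    }

    return $this->repository->find($id);
}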
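/**
 * Fetch the repository's full findAll() result, for admins only.
 *
 * The identity's role id is used as the username for findByUsername(). When
 * that lookup gives no user object, or the user's role is not exactly
 * "admin", a 403 problem response is returned.
 *
 * @param array $params Not read by this implementation.
 * @return ApiProblem|mixed ApiProblem (403) when access is denied, otherwise the findAll() result.
 */
public function fetchAll($params = array())
{
    $username = $this->getIdentity()->getRoleId();
    $user = $this->repository->findByUsername($username);

    // An unresolved caller is rejected up front so the role check never runs
    // on a non-object and the request cannot fall through to findAll().
    if (!is_object($user)) {
        return new ApiProblem(403, 'O usuário não tem permissão para acessar esta informação');
    }

    // Strict comparison: a non-string role such as 0 or true must not be able
    // to compare equal to 'admin' through type juggling.
    // Assumes getRole() returns a string; confirm against the user entity.
    if ($user->getRole() !== 'admin') {
        return new ApiProblem(403, 'O usuário não tem permissão para acessar esta informação');
    }

    return $this->repository->findAll();
}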
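/**
 * Update a resource, for admins only.
 *
 * The caller is resolved through the user repository, using the identity's
 * role id as the username. A caller that cannot be resolved to a user object,
 * or whose role is not exactly "admin", gets a 403 problem response and
 * nothing is written.
 *
 * @param mixed $id   Identifier handed to the repository's update().
 * @param mixed $data Payload; cast to an array before it reaches the repository.
 * @return ApiProblem|mixed ApiProblem (403) when access is denied, otherwise the update() result.
 */
public function update($id, $data)
{
    $user = $this->userRepository->findByUsername($this->getIdentity()->getRoleId());

    // Fail closed before any write. A missing user is denied rather than
    // reaching getRole() on a non-object, and the strict comparison stops a
    // non-string role (0, true) from matching 'admin' via type juggling.
    // Assumes getRole() returns a string; confirm against the user entity.
    if (!is_object($user) || $user->getRole() !== 'admin') {
        // HTTP status passed as an integer rather than the string "403".
        return new ApiProblem(403, "The user has not access to this info.");
    }

    // NOTE(review): the whole payload is forwarded as-is. Which fields may be
    // changed is decided by repository->update(), which is not visible here;
    // confirm it restricts the writable fields.
    return $this->repository->update($id, (array) $data);
}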
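/**
 * Tell whether find() returns a non-empty result for the given id and the current caller.
 *
 * The caller is resolved by passing the identity's role id to
 * findByUsername(); the resulting user is handed to the repository's find()
 * together with the id.
 *
 * @param mixed $id Identifier handed to the repository's find().
 * @return bool False when the caller cannot be resolved or find() returns an empty value.
 */
private function isOwnerOfOrder($id)
{
    $user = $this->usersRepository->findByUsername($this->getIdentity()->getRoleId());

    // With no resolved user there is nobody to match ownership against.
    // Answer "not the owner" instead of forwarding a non-object to find().
    // NOTE(review): presumably find() scopes the lookup by the user it is
    // given; confirm how it treats a null user.
    if (!is_object($user)) {
        return false;
    }

    // Loose comparison kept on purpose: any empty result (null, false, empty
    // array) counts as "not the owner", which is the fail-closed reading.
    return $this->repository->find($id, $user) != null;
}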