/**
 * Ask the authorizer whether the current request is permitted.
 *
 * The interpreter classifies the request (index, create, read, update,
 * delete, read related resource, read relationship, modify relationship)
 * and the matching `can*` method on the authorizer is called with the
 * record, document and parameters taken from the request.
 *
 * NOTE(review): the decision starts out as `true`, so a request that matches
 * none of the interpreter checks below is reported as authorized without the
 * authorizer ever being consulted (fail-open). If the interpreter can report
 * any other request kind, a deny-by-default start value would be safer;
 * confirm against the interpreter implementation and the callers.
 *
 * @param RequestInterpreterInterface $interpreter
 * @param AuthorizerInterface $authorizer
 * @param RequestInterface $request
 * @return ErrorCollection|bool
 *      the authorizer's result when it is truthy, otherwise whatever
 *      `$authorizer->getErrors()` returns.
 */
protected function checkAuthorization(RequestInterpreterInterface $interpreter, AuthorizerInterface $authorizer, RequestInterface $request)
{
    // Read everything from the request up front, in the same order as before.
    $params = $request->getParameters();
    $doc = $request->getDocument();
    $model = $request->getRecord();

    // Default outcome when no branch below matches (see NOTE(review) above).
    $allowed = true;

    if ($interpreter->isIndex()) {
        // Listing a collection.
        $allowed = $authorizer->canReadMany($params);
    } elseif ($interpreter->isCreateResource()) {
        // Creating a resource from the submitted document.
        $allowed = $authorizer->canCreate($doc->getResource(), $params);
    } elseif ($interpreter->isReadResource()) {
        // Reading a single record.
        $allowed = $authorizer->canRead($model, $params);
    } elseif ($interpreter->isUpdateResource()) {
        // Updating an existing record with the submitted resource.
        $allowed = $authorizer->canUpdate($model, $doc->getResource(), $params);
    } elseif ($interpreter->isDeleteResource()) {
        // Deleting a record.
        $allowed = $authorizer->canDelete($model, $params);
    } elseif ($interpreter->isReadRelatedResource()) {
        // Reading the resource(s) on the other side of a relationship.
        $allowed = $authorizer->canReadRelatedResource(
            $interpreter->getRelationshipName(),
            $model,
            $params
        );
    } elseif ($interpreter->isReadRelationship()) {
        // Reading the relationship linkage itself.
        $allowed = $authorizer->canReadRelationship(
            $interpreter->getRelationshipName(),
            $model,
            $params
        );
    } elseif ($interpreter->isModifyRelationship()) {
        // Changing relationship linkage using the submitted relationship.
        $allowed = $authorizer->canModifyRelationship(
            $interpreter->getRelationshipName(),
            $model,
            $doc->getRelationship(),
            $params
        );
    }

    // A truthy decision is handed back unchanged; anything falsy is replaced
    // by the errors the authorizer has collected.
    if ($allowed) {
        return $allowed;
    }

    return $authorizer->getErrors();
}
/**
 * Pick the document validator that applies to the current request.
 *
 * Only create-resource, update-resource and modify-relationship requests
 * get a validator here; for every other request kind `null` is returned.
 *
 * @param ValidatorProviderInterface $validators
 * @param RequestInterpreterInterface $interpreter
 * @param RequestInterface $request
 * @return DocumentValidatorInterface|null
 *      the validator for the request, or null when none of the three
 *      request kinds above matches.
 */
private function documentAcceptanceValidator(ValidatorProviderInterface $validators, RequestInterpreterInterface $interpreter, RequestInterface $request)
{
    // Gather the inputs first, in the same order as before.
    $type = $request->getResourceType();
    $id = $interpreter->getResourceId();
    $relationship = $interpreter->getRelationshipName();
    $model = $request->getRecord();

    // Creating a resource: only the resource type is passed.
    if ($interpreter->isCreateResource()) {
        return $validators->createResource($type);
    }

    // Updating a resource: validated against the existing record.
    if ($interpreter->isUpdateResource()) {
        return $validators->updateResource($type, $id, $model);
    }

    // Modifying a relationship: the relationship name is passed as well.
    if ($interpreter->isModifyRelationship()) {
        return $validators->modifyRelationship($type, $id, $relationship, $model);
    }

    return null;
}