/**
 * Authorize and authenticate a call to an API method.
 *
 * Only callables that are class methods (instance or static) are checked.
 * For those, every security group attached to the action must grant the
 * call; the first group that refuses raises an AccessDeniedException.
 *
 * NOTE(review): two paths return without any authorization check being made:
 *   - callables that are native functions or closures;
 *   - actions whose getSecurityGroups() yields nothing (the loop never runs).
 * Confirm both are intended, since an action registered without a security
 * group passes through this listener unchecked.
 *
 * @param ActionDispatchEvent $event
 *
 * @throws AccessDeniedException When a security group does not grant the method call.
 */
public function authorize(ActionDispatchEvent $event)
{
    $target = $event->getCallable();

    if (!($target->isMethod() || $target->isMethodStatic())) {
        // Native function or \Closure: no class/method pair to hand to the
        // authorization checker, so the call is let through unchecked.
        return;
    }

    $reflection = $target->getReflection();
    $className = $reflection->getDeclaringClass()->getName();
    $methodName = $reflection->getName();
    $arguments = $event->getParameters();
    $securityGroups = $event->getAction()->getSecurityGroups();

    foreach ($securityGroups as $securityGroup) {
        if ($this->authorizationChecker->isGrantedMethodCall($className, $methodName, $arguments, [], $securityGroup)) {
            continue;
        }

        // Deny as soon as one group refuses; remaining groups are not consulted.
        throw new AccessDeniedException();
    }
}
/**
 * Pre-dispatch hook: writes a debug log entry naming the callable that was
 * matched for the action about to be dispatched.
 *
 * @param ActionDispatchEvent $event
 */
public function onPreDispatch(ActionDispatchEvent $event)
{
    $calledMethod = Reflection::getCalledMethod($event->getCallable()->getReflection());
    $actionName = $event->getAction()->getName();

    $this->logger->debug(
        sprintf('Match callable "%s" for action "%s".', $calledMethod, $actionName)
    );
}