/** * @param RequestConfiguration $configuration * @param string $permission * * @throws AccessDeniedException */ protected function isGrantedOr403(RequestConfiguration $configuration, $permission) { if (!$configuration->hasPermission()) { return; } $permission = $configuration->getPermission($permission); if (!$this->authorizationChecker->isGranted($configuration, $permission)) { throw new AccessDeniedException(); } }
function it_does_not_delete_a_resource_and_throws_http_exception_for_non_html_requests_stopped_via_event(MetadataInterface $metadata, RequestConfigurationFactoryInterface $requestConfigurationFactory, RequestConfiguration $configuration, AuthorizationCheckerInterface $authorizationChecker, RepositoryInterface $repository, SingleResourceProviderInterface $singleResourceProvider, ResourceInterface $resource, FlashHelperInterface $flashHelper, EventDispatcherInterface $eventDispatcher, ResourceControllerEvent $event, Request $request) { $metadata->getApplicationName()->willReturn('sylius'); $metadata->getName()->willReturn('product'); $requestConfigurationFactory->create($metadata, $request)->willReturn($configuration); $configuration->hasPermission()->willReturn(true); $configuration->getPermission(ResourceActions::DELETE)->willReturn('sylius.product.delete'); $authorizationChecker->isGranted($configuration, 'sylius.product.delete')->willReturn(true); $singleResourceProvider->get($configuration, $repository)->willReturn($resource); $configuration->isHtmlRequest()->willReturn(false); $eventDispatcher->dispatchPreEvent(ResourceActions::DELETE, $configuration, $resource)->willReturn($event); $event->isStopped()->willReturn(true); $event->getMessage()->willReturn('Cannot delete this product.'); $event->getErrorCode()->willReturn(500); $repository->remove($resource)->shouldNotBeCalled(); $eventDispatcher->dispatchPostEvent(Argument::any())->shouldNotBeCalled(); $flashHelper->addSuccessFlash(Argument::any())->shouldNotBeCalled(); $flashHelper->addFlashFromEvent(Argument::any())->shouldNotBeCalled(); $this->shouldThrow(new HttpException(500, 'Cannot delete this product.'))->during('deleteAction', array($request)); }