vendor/shopware/core/Framework/Api/Acl/AclAnnotationValidator.php line 19

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Api\Acl;
  5. use Shopware\Core\Framework\Context;
  6. use Shopware\Core\PlatformRequest;
  7. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  8. use Symfony\Component\HttpKernel\Event\RequestEvent;
  9. use Symfony\Component\HttpKernel\KernelEvents;
  10. use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException;
  12. class AclAnnotationValidator implements EventSubscriberInterface
  13. {
  14.     public static function getSubscribedEvents()
  15.     {
  16.         return [KernelEvents::REQUEST => 'validate'];
  17.     }
  19.     public function validate(RequestEvent $event): void
  20.     {
  21.         $request $event->getRequest();
  23.         $privileges $request->attributes->get('_acl');
  25.         if (!$privileges) {
  26.             return;
  27.         }
  29.         $context $request->attributes->get(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT);
  30.         if ($context === null) {
  31.             throw new InsufficientAuthenticationException('Missing privileges');
  32.         }
  34.         /* @var Context $context */
  35.         foreach ($privileges as $privilege) {
  36.             if (!$context->isAllowed($privilege)) {
  37.                 throw new InsufficientAuthenticationException(
  38.                     sprintf('Missing privilege %s'$privilege)
  39.                 );
  40.             }
  41.         }
  42.     }
  43. }