mcndave
/
notes-security
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' of https://git.mcnd.ca/mcndave/notes-security

This commit is contained in:
Dave M. 2023-02-01 16:43:49 +00:00
parent 94b554ea08 532cecfcad
commit f33fb69150
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/SecurityHandler.php
View File

@ -13,7 +13,7 @@ class SecurityHandler {
protected ResponseInterface $redirectResponse; protected ResponseInterface $redirectResponse;
protected \Closure $unauthorizeResponse; protected ? \Closure $unauthorizeResponse;
protected ? Taxus $taxus; protected ? Taxus $taxus;
@ -36,6 +36,7 @@ class SecurityHandler {
public function taxus(string $className, string $methodName, object $user = null) : ? ResponseInterface public function taxus(string $className, string $methodName, object $user = null) : ? ResponseInterface
{ {
if ($taxus = $this->getClassAnnotations(Annotation\Taxus::class, $className, $methodName)) { if ($taxus = $this->getClassAnnotations(Annotation\Taxus::class, $className, $methodName)) {
if ($this->unauthorizeResponse) {
foreach ($taxus as $item) { foreach ($taxus as $item) {
if (!isset($item->privilege) || $this->taxus->granted($item->privilege, $user, $item)) { if (!isset($item->privilege) || $this->taxus->granted($item->privilege, $user, $item)) {
return null; return null;
@ -44,6 +45,10 @@ class SecurityHandler {
return call_user_func_array($this->unauthorizeResponse, [ $user, $taxus, $className, $methodName ]); return call_user_func_array($this->unauthorizeResponse, [ $user, $taxus, $className, $methodName ]);
} }
else {
throw new \ErrorException("Unauthorized response given.");
}
}
return null; return null;
} }