1
0
Files
breadcrumb-the-shire/modules/api-docs/lib/Module/ApiDocs/ApiDocsAuthorizationPolicy.php

38 lines
1.1 KiB
PHP
Raw Normal View History

<?php
namespace MintyPHP\Module\ApiDocs;
use MintyPHP\Service\Access\AuthorizationDecision;
use MintyPHP\Service\Access\AuthorizationPolicyInterface;
use MintyPHP\Service\Access\PermissionService;
final class ApiDocsAuthorizationPolicy implements AuthorizationPolicyInterface
{
public const ABILITY_VIEW = 'api_docs.view';
public const PERMISSION_KEY = 'api_docs.view';
public function __construct(
private readonly PermissionService $permissionService
) {
}
public function supports(string $ability): bool
{
return $ability === self::ABILITY_VIEW;
}
public function authorize(string $ability, array $context = []): AuthorizationDecision
{
$actorUserId = (int) ($context['actor_user_id'] ?? 0);
if ($actorUserId <= 0) {
return AuthorizationDecision::deny(403, 'forbidden');
}
if (!$this->permissionService->userHas($actorUserId, self::PERMISSION_KEY)) {
return AuthorizationDecision::deny(403, 'forbidden');
}
return AuthorizationDecision::allow();
}
}