|
24 | 24 | use CloudCreativity\JsonApi\Contracts\Validators\DocumentValidatorInterface;
|
25 | 25 | use CloudCreativity\JsonApi\Contracts\Validators\ValidatorProviderInterface;
|
26 | 26 | use CloudCreativity\JsonApi\Exceptions\AuthorizationException;
|
27 |
| -use CloudCreativity\JsonApi\Exceptions\ErrorCollection; |
28 | 27 | use CloudCreativity\JsonApi\Exceptions\ValidationException;
|
29 | 28 | use CloudCreativity\JsonApi\Object\Document;
|
30 | 29 | use CloudCreativity\JsonApi\Object\ResourceIdentifier;
|
@@ -175,21 +174,17 @@ public function validate()
|
175 | 174 | /** Check request parameters are acceptable. */
|
176 | 175 | $this->encodingParameters = $this->validateParameters();
|
177 | 176 |
|
178 |
| - /** Do any pre-document authorization */ |
179 |
| - if (!$this->authorizeBeforeValidation($errors = new ErrorCollection())) { |
180 |
| - throw new AuthorizationException($errors); |
181 |
| - } |
| 177 | + /** Do any authorization that can occur before the document is validated. */ |
| 178 | + $this->authorizeBeforeValidation(); |
182 | 179 |
|
183 | 180 | /** If a document is expected from the client, validate it. */
|
184 | 181 | if ($this->isExpectingDocument()) {
|
185 | 182 | $this->document = $this->decodeDocument($this->getHttpRequest());
|
186 | 183 | $this->validateDocument();
|
187 | 184 | }
|
188 | 185 |
|
189 |
| - /** Do any post-document authorization. */ |
190 |
| - if (!$this->authorizeAfterValidation($errors = new ErrorCollection())) { |
191 |
| - throw new AuthorizationException($errors); |
192 |
| - } |
| 186 | + /** Do any authorization that occurs after the document is validated. */ |
| 187 | + $this->authorizeAfterValidation(); |
193 | 188 |
|
194 | 189 | $this->validated = true;
|
195 | 190 | }
|
@@ -243,73 +238,80 @@ public function isValid()
|
243 | 238 | }
|
244 | 239 |
|
245 | 240 | /**
|
246 |
| - * @param ErrorCollection $errors |
247 |
| - * @return bool |
| 241 | + * @return void |
| 242 | + * @throws AuthorizationException |
248 | 243 | */
|
249 |
| - protected function authorizeBeforeValidation(ErrorCollection $errors) |
| 244 | + protected function authorizeBeforeValidation() |
250 | 245 | {
|
251 | 246 | if (!$this->authorizer) {
|
25
8000
2 |
| - return true; |
| 247 | + return; |
253 | 248 | }
|
254 | 249 |
|
255 | 250 | $parameters = $this->getEncodingParameters();
|
| 251 | + $authorized = true; |
256 | 252 |
|
257 | 253 | /** Index */
|
258 | 254 | if ($this->isIndex()) {
|
259 |
| - return $this->authorizer->canReadMany($parameters, $errors); |
| 255 | + $authorized = $this->authorizer->canReadMany($parameters); |
260 | 256 | } /** Read Resource */
|
261 | 257 | elseif ($this->isReadResource()) {
|
262 |
| - return $this->authorizer->canRead($this->getRecord(), $parameters, $errors); |
| 258 | + $authorized = $this->authorizer->canRead($this->getRecord(), $parameters); |
263 | 259 | } /** Update Resource */
|
264 | 260 | elseif ($this->isUpdateResource()) {
|
265 |
| - return $this->authorizer->canUpdate($this->getRecord(), $parameters, $errors); |
| 261 | + $authorized = $this->authorizer->canUpdate($this->getRecord(), $parameters); |
266 | 262 | } /** Delete Resource */
|
267 | 263 | elseif ($this->isDeleteResource()) {
|
268 |
| - return $this->authorizer->canDelete($this->getRecord(), $parameters, $errors); |
| 264 | + $authorized = $this->authorizer->canDelete($this->getRecord(), $parameters); |
269 | 265 | } /** Read Related Resource */
|
270 | 266 | elseif ($this->isReadRelatedResource()) {
|
271 |
| - return $this->authorizer->canReadRelatedResource( |
| 267 | + $authorized = $this->authorizer->canReadRelatedResource( |
272 | 268 | $this->getRelationshipName(),
|
273 | 269 | $this->getRecord(),
|
274 |
| - $parameters, |
275 |
| - $errors |
| 270 | + $parameters |
276 | 271 | );
|
277 | 272 | } /** Read Relationship Data */
|
278 | 273 | elseif ($this->isReadRelationship()) {
|
279 |
| - return $this->authorizer->canReadRelationship( |
| 274 | + $authorized = $this->authorizer->canReadRelationship( |
280 | 275 | $this->getRelationshipName(),
|
281 | 276 | $this->getRecord(),
|
282 |
| - $parameters, |
283 |
| - $errors |
| 277 | + $parameters |
284 | 278 | );
|
285 | 279 | } /** Modify Relationship Data */
|
286 | 280 | elseif ($this->isModifyRelationship()) {
|
287 |
| - return $this->authorizer->canModifyRelationship( |
| 281 | + $authorized = $this->authorizer->canModifyRelationship( |
288 | 282 | $this->getRelationshipName(),
|
289 | 283 | $this->getRecord(),
|
290 |
| - $parameters, |
291 |
| - $errors |
| 284 | + $parameters |
292 | 285 | );
|
293 | 286 | }
|
294 | 287 |
|
295 |
| - return true; |
| 288 | + if (!$authorized) { |
| 289 | + throw new AuthorizationException($this->authorizer->getErrors()); |
| 290 | + } |
296 | 291 | }
|
297 | 292 |
|
298 | 293 | /**
|
299 |
| - * @param ErrorCollection $errors |
300 |
| - * @return bool |
| 294 | + * @return void |
| 295 | + * @throws AuthorizationException |
301 | 296 | */
|
302 |
| - protected function authorizeAfterValidation(ErrorCollection $errors) |
| 297 | + protected function authorizeAfterValidation() |
303 | 298 | {
|
304 |
| - if ($this->authorizer && $this->isCreateResource()) { |
305 |
| - return $this->authorizer->canCreate( |
| 299 | + if (!$this->authorizer) { |
| 300 | + return; |
| 301 | + } |
| 302 | + |
| 303 | + $authorized = true; |
| 304 | + |
| 305 | + if ($this->isCreateResource()) { |
| 306 | + $authorized = $this->authorizer->canCreate( |
306 | 307 | $this->getDocument()->resource(),
|
307 |
| - $this->getEncodingParameters(), |
308 |
| - $errors |
| 308 | + $this->getEncodingParameters() |
309 | 309 | );
|
310 | 310 | }
|
311 | 311 |
|
312 |
| - return true; |
| 312 | + if (!$authorized) { |
| 313 | + throw new AuthorizationException($this->authorizer->getErrors()); |
| 314 | + } |
313 | 315 | }
|
314 | 316 |
|
315 | 317 | /**
|
|
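Review bot: In authorizeBeforeValidation() the new `$authorized = true;` default means a request that matches none of the `is*()` branches is treated as authorized, and the `if (!$this->authorizer) { return; }` guard skips the check entirely, so both paths fail open. Create requests appear to rely on that default because they are only checked in authorizeAfterValidation(), so rather than flipping it I would document the intent next to the default, e.g. `/** Create is authorized after validation; no other request type should fall through unchecked. */`. Separately, both methods now build the exception from `$this->authorizer->getErrors()` instead of a fresh ErrorCollection per call. The authorizer is not visible here, so confirm it clears its errors at the start of every `can*()` call; otherwise an instance reused between the before and after checks, or across requests, could report stale errors. The file header and the start of this section are above the visible part of the page.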