Elgg  Version 4.3
PageOwnerCanEditGatekeeper.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Router\Middleware;
4 
5 use Elgg\Exceptions\Http\EntityPermissionsException;
6 use Elgg\Router\Route;
7 
13 class PageOwnerCanEditGatekeeper {
14 
23  public function __invoke(\Elgg\Request $request) {
24  $this->assertAccess($request);
25  }
26 
37  protected function assertAccess(\Elgg\Request $request, string $type = '', string $subtype = '') {
38 
39  $route = $request->getHttpRequest()->getRoute();
40  if (!$route instanceof Route) {
41  return;
42  }
43 
44  // force detection of page owner for legacy routes
45  $route->setDefault('_detect_page_owner', true);
46 
47  $page_owner = $route->resolvePageOwner();
48  if (!$page_owner instanceof \ElggEntity) {
49  return;
50  }
51 
52  if (!$page_owner->canEdit()) {
53  throw new EntityPermissionsException();
54  }
55 
56  if (!empty($type) && $page_owner->getType() !== $type) {
57  throw new EntityPermissionsException();
58  }
59 
60  if (!empty($subtype) && $page_owner->getSubtype() !== $subtype) {
61  throw new EntityPermissionsException();
62  }
63  }
64 }
Elgg\Router\Middleware\PageOwnerCanEditGatekeeper\__invoke
__invoke(\Elgg\Request $request)
Validate the current request.
Definition: PageOwnerCanEditGatekeeper.php:23
$request
$request
Definition: livesearch.php:11
$type
$type
Definition: delete.php:21
Elgg\Router\Middleware\PageOwnerCanEditGatekeeper\assertAccess
assertAccess(\Elgg\Request $request, string $type= '', string $subtype= '')
Validate the current request.
Definition: PageOwnerCanEditGatekeeper.php:37
Elgg\Router\Route
Route Wrapper.
Definition: Route.php:8
Elgg\Exceptions\Http\EntityPermissionsException
Thrown when entity can not be edited or container permissions do not allow it to be written...
Definition: EntityPermissionsException.php:12
$page_owner
$page_owner
Definition: add.php:15
$subtype
$subtype
Definition: delete.php:22
Elgg\Request
Request container.
Definition: Request.php:12
Elgg\Router\Middleware\PageOwnerCanEditGatekeeper
Check if the current route page owner can be edited (by the current logged in user) ...
Definition: PageOwnerCanEditGatekeeper.php:13
Generated on Sat Feb 4 2023 00:00:23 for Elgg by   doxygen 1.8.11