if ($subjectRef =
$attribute->subject
) { if (\
is_array($subjectRef)) { foreach ($subjectRef as $refKey =>
$ref) { $subject[\
is_string($refKey) ?
$refKey :
(string) $ref] =
$this->
getIsGrantedSubject($ref,
$request,
$arguments);
} } else { $subject =
$this->
getIsGrantedSubject($subjectRef,
$request,
$arguments);
} } if (!
$this->authChecker->
isGranted($attribute->attribute,
$subject)) { $message =
$attribute->message ?:
sprintf('Access Denied by #[IsGranted(%s)] on controller',
$this->
getIsGrantedString($attribute));
if ($statusCode =
$attribute->statusCode
) { throw new HttpException($statusCode,
$message, code:
$attribute->exceptionCode ?? 0
);
} $accessDeniedException =
new AccessDeniedException($message, code:
$attribute->exceptionCode ?? 403
);
$accessDeniedException->
setAttributes($attribute->attribute
);
$accessDeniedException->
setSubject($subject);
throw $accessDeniedException;
} }