CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
hasScope example
if ($result->getTotal() === 0) {
throw OAuthServerException::invalidCredentials();
}
return new Response(null, Response::HTTP_NO_CONTENT);
}
#[Route(path: '/api/user/{userId}', name: 'api.user.delete', defaults: ['auth_required' => true, '_acl' => ['user:delete']], methods: ['DELETE'])] public function deleteUser(string $userId, Request $request, Context $context, ResponseFactoryInterface $factory): Response
{
if (!$this->hasScope($request, UserVerifiedScope::IDENTIFIER)) {
throw new AccessDeniedHttpException(sprintf('This access token does not have the scope "%s" to process this Request', UserVerifiedScope::IDENTIFIER));
}
/** @var AdminApiSource $source */
$source = $context->getSource();
if (
!$source->isAllowed('user:update')
&& $source->getUserId() !== $userId
) {
throw new PermissionDeniedException();
}
throw OAuthServerException::invalidCredentials();
}
return new Response(null, Response::HTTP_NO_CONTENT);
}
#[Route(path: '/api/user/{userId}', name: 'api.user.delete', defaults: ['auth_required' => true, '_acl' => ['user:delete']], methods: ['DELETE'])] public function deleteUser(string $userId, Request $request, Context $context, ResponseFactoryInterface $factory): Response
{
if (!$this->hasScope($request, UserVerifiedScope::IDENTIFIER)) {
throw new AccessDeniedHttpException(sprintf('This access token does not have the scope "%s" to process this Request', UserVerifiedScope::IDENTIFIER));
}
/** @var AdminApiSource $source */
$source = $context->getSource();
if (
!$source->isAllowed('user:update')
&& $source->getUserId() !== $userId
) {
throw new PermissionDeniedException();
}