missingPrivileges example


        $behavior = new CloneBehavior(
            $request->request->all('overwrites'),
            $request->request->getBoolean('cloneChildren', true)
        );

        $entity = $this->urlToSnakeCase($entity);

        $definition = $this->definitionRegistry->getByEntityName($entity);
        $missing = $this->validateAclPermissions($context$definition, AclRoleDefinition::PRIVILEGE_CREATE);
        if ($missing) {
            throw ApiException::missingPrivileges([$missing]);
        }

        /** @var EntityWrittenContainerEvent $eventContainer */
        $eventContainer = $context->scope(Context::CRUD_API_SCOPE, function DContext $context) use ($definition$id$behavior): EntityWrittenContainerEvent {
            $entityRepo = $this->definitionRegistry->getRepository($definition->getEntityName());

            return $entityRepo->clone($id$context, null, $behavior);
        });

        $event = $eventContainer->getEventByEntityName($definition->getEntityName());
        if (!$event) {
            

        // Take the request from the event and read the ACL privileges stored on it
        // as a request attribute.
        $request = $event->getRequest();

        $privileges = $request->attributes->get(PlatformRequest::ATTRIBUTE_ACL);

        // A missing or empty ACL attribute ends the check here: requests without
        // declared privileges are not restricted by this code path.
        if (!$privileges) {
            return;
        }

        // Fail closed: privileges are declared but no Context object is attached to
        // the request, so the request is rejected (with an empty privilege list)
        // instead of being let through unchecked.
        $context = $request->attributes->get(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT);
        if (!$context instanceof Context) {
            throw ApiException::missingPrivileges([]);
        }

        foreach ($privileges as $privilege) {
            if ($privilege === 'app') {
                if ($context->isAllowed('app.all')) {
                    return;
                }

                $privilege = $this->getAppPrivilege($request);
            }

            


        $this->tryToThrow($missingPrivileges);
    }

    /** * @param list<string> $missingPrivileges */
    private function tryToThrow(array $missingPrivileges): void
    {
        if (!empty($missingPrivileges)) {
            throw ApiException::missingPrivileges($missingPrivileges);
        }
    }

    /** * @param WriteCommand[] $commands */
    private function getPrivilegeForParentWriteOperation(WriteCommand $command, array $commands): string
    {
        $pathSuffix = '/translations/' . Uuid::fromBytesToHex($command->getPrimaryKey()['language_id']);
        $parentCommandPath = str_replace($pathSuffix, '', $command->getPath());
        $parentCommand = $this->findCommandByPath($parentCommandPath$commands);

        
public function testUnsupportedAssociation(): void
    {
        // The factory must yield the dedicated error code and a message naming the field.
        $unsupported = ApiException::unsupportedAssociation('name');
        $expectedCode = ApiException::API_UNSUPPORTED_ASSOCIATION_FIELD;
        $expectedMessage = 'Unsupported association for field name';

        static::assertEquals($expectedCode, $unsupported->getErrorCode());
        static::assertEquals($expectedMessage, $unsupported->getMessage());
    }

    public function testMissingPrivileges(): void
    {
        $exception = ApiException::missingPrivileges(['read', 'write']);

        static::assertInstanceOf(MissingPrivilegeException::class$exception);
    }

    public function testMissingReverseAssociation(): void
    {
        $exception = ApiException::missingReverseAssociation('order', 'customer');

        static::assertInstanceOf(MissingReverseAssociation::class$exception);
    }

    
throw new InvalidContextSourceException(AdminApiSource::class$context->getSource()::class);
        }

        $userId = $context->getSource()->getUserId();
        if (!$userId) {
            throw new ExpectedUserHttpException();
        }

        $allowedChanges = ['firstName', 'lastName', 'username', 'localeId', 'email', 'avatarMedia', 'avatarId', 'password'];

        if (!empty(array_diff(array_keys($request->request->all())$allowedChanges))) {
            throw ApiException::missingPrivileges(['user:update']);
        }

        return $this->upsertUser($userId$request$context$responseFactory);
    }

    #[Route(path: '/api/_info/ping', name: 'api.info.ping', methods: ['GET'])]     public function status(Context $context): Response
    {
        if (!$context->getSource() instanceof AdminApiSource) {
            throw new InvalidContextSourceException(AdminApiSource::class$context->getSource()::class);
        }

        