Skip to content
This repository was archived by the owner on Feb 4, 2022. It is now read-only.

Allow permissible behaviour to emit alternative status codes #73

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 33 additions & 11 deletions code/controller/behavior/permissible.php
Original file line number Diff line number Diff line change
Expand Up @@ -88,22 +88,44 @@ public function execute(CommandInterface $command, CommandChainInterface $chain)
{
$action = $parts[1];

if($this->canExecute($action) === false)
$result = $this->canExecute($action);

$invalid_statuses = array(
HttpResponse::NOT_IMPLEMENTED,
HttpResponse::UNAUTHORIZED,
HttpResponse::FORBIDDEN,
false,
);

if (in_array($result, $invalid_statuses))
{
$message = 'Action '.ucfirst($action).' Not Allowed';
if ($result === false && $this->getUser()->isAuthentic()) {
$result = HttpResponse::FORBIDDEN;
}

if($this->getUser()->isAuthentic())
switch ($result)
{
if (!$this->getUser()->isEnabled()) {
$message = 'User account is disabled';
}
case HttpResponse::NOT_IMPLEMENTED:
throw new HttpExceptionNotImplemented('Action "'.ucfirst($action).'" not implemented');

case HttpResponse::UNAUTHORIZED:
throw new ControllerExceptionRequestNotAuthenticated('Action "'.ucfirst($action).'" requires authentication');

throw new ControllerExceptionRequestForbidden($message);
}
else throw new ControllerExceptionRequestNotAuthorized($message);
case HttpResponse::FORBIDDEN:
throw new ControllerExceptionRequestForbidden('Action "'.ucfirst($action).'" not allowed');

return false;
default:
$message = 'Action "'.ucfirst($action).'" not allowed';

if ($this->getUser()->isAuthentic() && $this->getUser()->isEnabled()) {
$message .= 'User account is disabled';
}

throw new ControllerExceptionRequestForbidden($message);
}
}

return true;
}

return true;
Expand All @@ -125,7 +147,7 @@ public function canExecute($action)
$actions = $this->getActions();
$actions = array_flip($actions);

$result = isset($actions[$action]);
$result = isset($actions[$action]) ? HttpResponse::NOT_IMPLEMENTED : true;
}
else $result = $this->$method();

Expand Down