Refactoring: added controlled middleware and changed response class

author: Frederic Guillot <fred@kanboard.net> 2016-05-15 18:31:47 -0400
committer: Frederic Guillot <fred@kanboard.net> 2016-05-15 18:31:47 -0400
commit: 67b836164997527b91452b19adbcb8aa3c5decf1 (patch)
tree: b5876d311912e97b0592c7e208639f7b52813a75 /app/Middleware/ApplicationAuthorizationMiddleware.php
parent: 108e867605dbc7ece4cbcbecc89a674e9c154a9b (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/app/Middleware/ApplicationAuthorizationMiddleware.php b/app/Middleware/ApplicationAuthorizationMiddleware.php
new file mode 100644
index 00000000..faca2d6a
--- /dev/null
+++ b/app/Middleware/ApplicationAuthorizationMiddleware.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace Kanboard\Middleware;
+
+use Kanboard\Core\Controller\AccessForbiddenException;
+use Kanboard\Core\Controller\BaseMiddleware;
+
+/**
+ * Class ApplicationAuthorizationMiddleware
+ *
+ * @package Kanboard\Middleware
+ * @author  Frederic Guillot
+ */
+class ApplicationAuthorizationMiddleware extends BaseMiddleware
+{
+    /**
+     * Execute middleware
+     */
+    public function execute()
+    {
+        if (! $this->helper->user->hasAccess($this->router->getController(), $this->router->getAction())) {
+            throw new AccessForbiddenException();
+        }
+
+        $this->next();
+    }
+}
author	Frederic Guillot <fred@kanboard.net>	2016-05-15 18:31:47 -0400
committer	Frederic Guillot <fred@kanboard.net>	2016-05-15 18:31:47 -0400
commit	67b836164997527b91452b19adbcb8aa3c5decf1 (patch)
tree	b5876d311912e97b0592c7e208639f7b52813a75 /app/Middleware/ApplicationAuthorizationMiddleware.php
parent	108e867605dbc7ece4cbcbecc89a674e9c154a9b (diff)