Merge remote-tracking branch 'upstream/4.6' into 4.6-master-2015-05-28-22-50-49
[civicrm-core.git] / Civi / API / Subscriber / PermissionCheck.php
index f9fecfe5182778c28cf66d05c011c443810d9803..49caac2ddcb916746ea059539013848a4df39be8 100644 (file)
@@ -3,7 +3,7 @@
  +--------------------------------------------------------------------+
  | CiviCRM version 4.6                                                |
  +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2014                                |
+ | Copyright CiviCRM LLC (c) 2004-2015                                |
  +--------------------------------------------------------------------+
  | This file is a part of CiviCRM.                                    |
  |                                                                    |
  | GNU Affero General Public License or the licensing of CiviCRM,     |
  | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
  +--------------------------------------------------------------------+
-*/
+ */
 
 namespace Civi\API\Subscriber;
+
 use Civi\API\Events;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 
 /**
- * For any API requests that correspond to a Doctrine entity ($apiRequest['doctrineClass']), check
- * permissions specified in Civi\API\Annotation\Permission.
+ * For any API requests that correspond to a Doctrine entity
+ * ($apiRequest['doctrineClass']), check permissions specified in
+ * Civi\API\Annotation\Permission.
  */
 class PermissionCheck implements EventSubscriberInterface {
   /**
@@ -47,6 +49,7 @@ class PermissionCheck implements EventSubscriberInterface {
 
   /**
    * @param \Civi\API\Event\AuthorizeEvent $event
+   *   API authorization event.
    *
    * @throws \Civi\API\Exception\UnauthorizedException
    */
@@ -74,7 +77,8 @@ class PermissionCheck implements EventSubscriberInterface {
         if (is_array($permissions)) {
           $permissions = implode(' and ', $permissions);
         }
-        // FIXME: Generating the exception ourselves allows for detailed error but doesn't play well with multiple authz subscribers.
+        // FIXME: Generating the exception ourselves allows for detailed error
+        // but doesn't play well with multiple authz subscribers.
         throw new \Civi\API\Exception\UnauthorizedException("API permission check failed for {$apiRequest['entity']}/{$apiRequest['action']} call; insufficient permission: require $permissions");
       }
 
@@ -82,4 +86,5 @@ class PermissionCheck implements EventSubscriberInterface {
       $event->stopPropagation();
     }
   }
+
 }