+--------------------------------------------------------------------+
| CiviCRM version 4.6 |
+--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2014 |
+ | Copyright CiviCRM LLC (c) 2004-2015 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
| GNU Affero General Public License or the licensing of CiviCRM, |
| see the CiviCRM license FAQ at http://civicrm.org/licensing |
+--------------------------------------------------------------------+
-*/
+ */
namespace Civi\API\Subscriber;
+
use Civi\API\Events;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
/**
- * For any API requests that correspond to a Doctrine entity ($apiRequest['doctrineClass']), check
- * permissions specified in Civi\API\Annotation\Permission.
+ * For any API requests that correspond to a Doctrine entity
+ * ($apiRequest['doctrineClass']), check permissions specified in
+ * Civi\API\Annotation\Permission.
*/
class PermissionCheck implements EventSubscriberInterface {
/**
/**
* @param \Civi\API\Event\AuthorizeEvent $event
+ * API authorization event.
*
* @throws \Civi\API\Exception\UnauthorizedException
*/
if (is_array($permissions)) {
$permissions = implode(' and ', $permissions);
}
- // FIXME: Generating the exception ourselves allows for detailed error but doesn't play well with multiple authz subscribers.
+ // FIXME: Generating the exception ourselves allows for detailed error
+ // but doesn't play well with multiple authz subscribers.
throw new \Civi\API\Exception\UnauthorizedException("API permission check failed for {$apiRequest['entity']}/{$apiRequest['action']} call; insufficient permission: require $permissions");
}
$event->stopPropagation();
}
}
+
}