refs #16361 [fid] bugfix in authorize method

* introduces new Exception types * uses those Exceptions to authorize user

refs #16361 [fid] bugfix in authorize method
* introduces new Exception types * uses those Exceptions to authorize user
1bf1faa4 · Dorian Merz · 7dee7054 · 1bf1faa4 · 1bf1faa4 · 1bf1faa4
Commit 1bf1faa4 authored 5 years ago by Dorian Merz
--- a/module/fid/src/Service/Client.php
+++ b/module/fid/src/Service/Client.php
@@ -452,10 +452,14 @@ class Client
     * @param String $permission Name of the permission
     * @param User|null $user user object or null if we want to validate the currently logged in user
     * @throws ClientException
+     * @throws UserNotLoggedinException
     * @throws UserNotAuthorizedException
     */
    protected function authorize(String $permission,User $user = null) {
+        if (!$this->isLoggedOn()) {
+            throw new UserNotLoggedinException();
+        }
        $user = $this->requestUserDetails();
        if (!$user->hasPermission($permission)) {
            throw new UserNotAuthorizedException();
@@ -472,7 +476,7 @@ class Client
        try {
            $this->authorize($permission);
-        } catch (UserNotAuthorizedException $exception) {
+        } catch (UserAuthorizationException $exception) {
            return FALSE;
        }
        return TRUE;

--- a/module/fid/src/Service/UserAuthorizationException.php
+++ b/module/fid/src/Service/UserAuthorizationException.php
+<?php
+/**
+ * Copyright (C) 2019 Leipzig University Library
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * @author  Sebastian Kehr <kehr@ub.uni-leipzig.de>
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU GPLv2
+ */
+namespace fid\Service;
+class UserAuthorizationException extends \Exception
+{
+}
--- a/module/fid/src/Service/UserNotAuthorizedException.php
+++ b/module/fid/src/Service/UserNotAuthorizedException.php
@@ -21,6 +21,6 @@
 namespace fid\Service;
-class UserNotAuthorizedException extends \Exception
+class UserNotAuthorizedException extends UserAuthorizationException
 {
 }
--- a/module/fid/src/Service/UserNotLoggedinException.php
+++ b/module/fid/src/Service/UserNotLoggedinException.php
+<?php
+/**
+ * Copyright (C) 2019 Leipzig University Library
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * @author  Sebastian Kehr <kehr@ub.uni-leipzig.de>
+ * @license http://opensource.org/licenses/gpl-2.0.php GNU GPLv2
+ */
+namespace fid\Service;
+class UserNotLoggedinException extends UserAuthorizationException
+{
+}