Refactoring: added controlled middleware and changed response class

2016-05-15 18:31:47 -04:00
parent 108e867605
commit 67b8361649
105 changed files with 1586 additions and 1147 deletions
--- a/app/Middleware/ApplicationAuthorizationMiddleware.php
+++ b/app/Middleware/ApplicationAuthorizationMiddleware.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace Kanboard\Middleware;
+
+use Kanboard\Core\Controller\AccessForbiddenException;
+use Kanboard\Core\Controller\BaseMiddleware;
+
+/**
+ * Class ApplicationAuthorizationMiddleware
+ *
+ * @package Kanboard\Middleware
+ * @author  Frederic Guillot
+ */
+class ApplicationAuthorizationMiddleware extends BaseMiddleware
+{
+    /**
+     * Execute middleware
+     */
+    public function execute()
+    {
+        if (! $this->helper->user->hasAccess($this->router->getController(), $this->router->getAction())) {
+            throw new AccessForbiddenException();
+        }
+
+        $this->next();
+    }
+}