3 namespace Wallabag\ApiBundle\Controller
;
5 use FOS\RestBundle\Controller\FOSRestController
;
6 use Symfony\Component\Security\Core\Exception\AccessDeniedException
;
7 use Wallabag\CoreBundle\Entity\Entry
;
9 class WallabagRestController
extends FOSRestController
11 protected function validateAuthentication()
13 if (false === $this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
14 throw new AccessDeniedException();
19 * Validate that the first id is equal to the second one.
20 * If not, throw exception. It means a user try to access information from an other user.
22 * @param int $requestUserId User id from the requested source
24 protected function validateUserAccess($requestUserId)
26 $user = $this->get('security.token_storage')->getToken()->getUser();
27 if ($requestUserId != $user->getId()) {
28 throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());