Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
0.00% covered (danger)
0.00%
0 / 9
0.00% covered (danger)
0.00%
0 / 2
CRAP
0.00% covered (danger)
0.00%
0 / 1
IsSuperAdmin
0.00% covered (danger)
0.00%
0 / 9
0.00% covered (danger)
0.00%
0 / 2
30
0.00% covered (danger)
0.00%
0 / 1
 __invoke
0.00% covered (danger)
0.00%
0 / 2
0.00% covered (danger)
0.00%
0 / 1
2
 checkAuthToken
0.00% covered (danger)
0.00%
0 / 7
0.00% covered (danger)
0.00%
0 / 1
20
1<?php
2/** @noinspection PhpUnhandledExceptionInspection */
3declare(strict_types=1);
4
5// TODO unit test
6
7use Psr\Http\Message\ResponseInterface;
8use Slim\Exception\HttpForbiddenException;
9use Slim\Exception\HttpInternalServerErrorException;
10use Slim\Http\ServerRequest as Request;
11use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
12
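/**
 * Slim middleware that only lets a request through when its 'AuthToken'
 * request attribute is a token of type 'admin' in mode 'super-admin'.
 *
 * The token is not authenticated here; it is only read from the request
 * attribute. Presumably an earlier middleware validates the credentials and
 * sets that attribute — confirm the middleware order on every route that
 * uses this class.
 */
class IsSuperAdmin {

  /**
   * Middleware entry point: run the authorization check, then delegate.
   *
   * @param Request $request
   * @param RequestHandler $handler next handler, reached only if the check passes
   * @return ResponseInterface whatever the next handler returns
   * @throws HttpInternalServerErrorException see checkAuthToken()
   * @throws HttpForbiddenException see checkAuthToken()
   */
  public function __invoke(Request $request, RequestHandler $handler): ResponseInterface {
    $this->checkAuthToken($request);

    return $handler->handle($request);
  }

  /**
   * Authorize the request as super-admin or throw.
   *
   * @param Request $request
   * @return void
   * @throws HttpInternalServerErrorException if no token object is attached to the
   *         request, or the attached token is not of type 'admin'
   * @throws HttpForbiddenException if the admin token is not in 'super-admin' mode
   */
  public function checkAuthToken(Request $request): void {
    /** @var AuthToken $authToken */
    $authToken = $request->getAttribute('AuthToken');

    // Anything that is not an object (missing attribute, stray scalar) is treated
    // as "no validated token" instead of failing later on a method call.
    if (!is_object($authToken)) {
      throw new HttpInternalServerErrorException($request, 'Validated AuthToken not found.');
    }

    // Strict comparison: with `!=`, a non-string return such as boolean true
    // compares equal to 'admin' and would pass the gate. A non-string value is
    // now rejected (fail closed).
    // NOTE(review): the message includes the token type; whether it reaches the
    // client depends on the error handler configuration — confirm.
    if ($authToken->getType() !== 'admin') {
      throw new HttpInternalServerErrorException($request, "AuthToken of wrong type: " . $authToken->getType());
    }

    // Same strictness for the privilege level itself.
    if ($authToken->getMode() !== 'super-admin') {
      throw new HttpForbiddenException($request, "Only SuperAdmins can do that!");
    }
  }
}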