Implement stored object permissions in serialization

This commit is contained in:
Julie Lenaerts 2024-07-04 11:38:41 +02:00
parent 5d57ec8a3b
commit 428494ca1f

View File

@ -57,13 +57,13 @@ final class StoredObjectNormalizer implements NormalizerInterface, NormalizerAwa
// deprecated property
$datas['creationDate'] = $datas['createdAt'];
$canDavSee = in_array(self::ADD_DAV_SEE_LINK_CONTEXT, $context['groups'] ?? [], true);
$canDavEdit = in_array(self::ADD_DAV_EDIT_LINK_CONTEXT, $context['groups'] ?? [], true);
$canSee = $this->security->isGranted(StoredObjectRoleEnum::SEE, $object);
$canEdit = $this->security->isGranted(StoredObjectRoleEnum::EDIT, $object);
if ($canDavSee || $canDavEdit) {
if ($canSee || $canEdit) {
$accessToken = $this->JWTDavTokenProvider->createToken(
$object,
$canDavEdit ? StoredObjectRoleEnum::EDIT : StoredObjectRoleEnum::SEE
$canEdit ? StoredObjectRoleEnum::EDIT : StoredObjectRoleEnum::SEE
);
$datas['_links'] = [