/**
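* Check whether an action is authorized on a specific URI, given the
* context of the session attempting the action.
*
* Sessions holding the 'admin' role are always authorized, even while
* isReady() is false. All other sessions are denied until isReady() returns
* true, and are then checked against the "default" role plus their own roles.
*
* $actionMsg should be one of the register, call, subscribe, or publish messages.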
*
* @param Session $session
* @param ActionMessageInterface $actionMsg
* @throws \Exception
* @return boolean
*/
public function isAuthorizedTo(Session $session, ActionMessageInterface $actionMsg)
{
    // Inputs of the decision: what is attempted, on which URI, and by whom.
    $requestedAction = $actionMsg->getActionName();
    $targetUri = $actionMsg->getUri();
    // NOTE(review): assumes getAuthenticationDetails() never returns null;
    // a null here would raise an error instead of producing a deny. Confirm
    // against Session.
    $authDetails = $session->getAuthenticationDetails();

    // The 'admin' role is allowed unconditionally. This is deliberately
    // evaluated before the readiness check: without it, no other rules could
    // ever be set up. It also means no rule evaluated below can restrict an
    // admin session, so whatever grants the 'admin' role is the real
    // gatekeeper for this path.
    if ($authDetails->hasAuthRole('admin')) {
        return true;
    }

    // Fail closed: while this object is not ready, every non-admin request
    // is denied rather than allowed.
    if (!$this->isReady()) {
        return false;
    }

    // "default" is always part of the evaluated set, so whatever that role
    // permits applies to every session, including ones with no roles of
    // their own. The session's roles are appended only when there are any.
    $sessionRoles = $authDetails->getAuthRoles();
    $rolesToCheck = count($sessionRoles) > 0
        ? array_merge(["default"], $sessionRoles)
        : ["default"];

    // The actual allow/deny verdict for these roles comes from the rule lookup.
    return $this->isAuthorizedByRolesActionAndUri($rolesToCheck, $requestedAction, $targetUri);
}