Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/cartforge.co/vendor/magento/module-webapi/Model/Plugin/ |
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento\Webapi\Model\Plugin;
use Magento\Integration\Api\AuthorizationServiceInterface as AuthorizationService;
/**
* Plugin around \Magento\Framework\Authorization::isAllowed
*
* Plugin to allow guest users to access resources with anonymous permission
*/
class GuestAuthorization
{
/**
* Check if resource for which access is needed has anonymous permissions defined in webapi config.
*
* @param \Magento\Framework\Authorization $subject
* @param \Closure $proceed
* @param string $resource
* @param string $privilege
* @return bool true If resource permission is anonymous,
* to allow any user access without further checks in parent method
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
*/
public function aroundIsAllowed(
\Magento\Framework\Authorization $subject,
\Closure $proceed,
$resource,
$privilege = null
) {
if ($resource == AuthorizationService::PERMISSION_ANONYMOUS) {
return true;
} else {
return $proceed($resource, $privilege);
}
}
}