RESTfulAPI::model_permission_check
Checks a Model's permission for the currently authenticated user via the Permission Manager dependency.
For permissions to actually be checked, this means the RESTfulAPI must have both authenticator and authority dependencies defined. If the authenticator component does not return an instance of the Member null will be passed to the authority component. This default to true.
Signature
private function model_permission_check(string|DataObject
$model,
[string
$httpMethod = 'GET'] )
Parameters
$model
— object- Model's classname or DataObject to check permission for
$httpMethod
— string- API request HTTP method
Returns
- boolean
- true if access is granted, false otherwise