Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
2 / 2 |
|
100.00% |
2 / 2 |
CRAP | |
100.00% |
1 / 1 |
| ForbiddenException | |
100.00% |
2 / 2 |
|
100.00% |
2 / 2 |
2 | |
100.00% |
1 / 1 |
| getStatusCode | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| getTitle | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
<?php

declare(strict_types=1);

namespace App\Domain\Exception;

use RuntimeException;

/**
 * Signals an authorization failure: the caller is known, but is not allowed
 * to perform the requested action.
 *
 * This is a different condition from {@see AuthenticationException}
 * (HTTP 401). Here the user *is* authenticated; it is their role, or their
 * relationship to the resource, that rules the operation out. Typical
 * messages:
 *
 *  - "Admin role required"
 *  - "Cannot access another investor's data"
 *  - "Super admin role required for this action"
 *
 * Corresponds to HTTP 403 Forbidden.
 *
 * NOTE(review): nothing in this class shows where the exception message ends
 * up. If it is copied into the HTTP response, confirm the wording does not
 * tell an unauthorized caller more than "forbidden" (for example, that a
 * given record exists); fuller detail belongs in server-side logs.
 */
final class ForbiddenException extends RuntimeException implements HttpStatusException
{
    /** Status code returned by getStatusCode(). */
    private const STATUS_CODE = 403;

    /** Title returned by getTitle(). */
    private const TITLE = 'Forbidden';

    /**
     * Returns the HTTP status code for this exception.
     *
     * @return int Always 403.
     */
    public function getStatusCode(): int
    {
        return self::STATUS_CODE;
    }

    /**
     * Returns the fixed title for this exception.
     *
     * @return string Always 'Forbidden'.
     */
    public function getTitle(): string
    {
        return self::TITLE;
    }
}