changed signature of checkAccess callback

Author: Insolita

CHANGELOG.md

@@ -35,4 +35,30 @@
  - Add support scenario for delete action
 
 1.3.4
- - Add aftersave callback for create/update actions that called after save model with all relations
+ - Add aftersave callback for create/update actions that called after save model with all relations
+
+2.0.0
+ - Changed signature of checkAccess callbacks, now whole action object passed, instead of action id
+   Before:
+ ```php
+...
+    'checkAccess' => function(string $action, $model = null) {
+       if($action === 'create') {
+             //... 
+       }
+    }
+ ```
+
+After:
+Before:
+
+ ```php
+
+...
+    'checkAccess' => function(JsonApiAction $action, $model = null) {
+           if($action->id === 'create') {
+             //... 
+           }
+       
+    }
+ ```

src/ActiveJsonApiController.php

@@ -10,6 +10,7 @@
 use insolita\fractal\actions\CreateAction;
 use insolita\fractal\actions\DeleteAction;
 use insolita\fractal\actions\HasResourceTransformer;
+use insolita\fractal\actions\JsonApiAction;
 use insolita\fractal\actions\ListAction;
 use insolita\fractal\actions\UpdateAction;
 use insolita\fractal\actions\ViewAction;
@@ -103,12 +104,12 @@ public function actions()
      * to run the specified action against the specified data model.
      * If the user does not have access, a [[ForbiddenHttpException]] should be thrown.
      *
-     * @param string $action the ID of the action to be executed
+     * @param \insolita\fractal\actions\JsonApiAction $action an instance of executed action
      * @param object $model the model to be accessed. If null, it means no specific model is being accessed.
      * @param array $params additional parameters
      * @throws ForbiddenHttpException if the user does not have access
      */
-    public function checkAccess($action, $model = null, $params = [])
+    public function checkAccess(JsonApiAction $action, $model = null, $params = [])
     {
     }
 }

src/actions/CountAction.php

@@ -69,7 +69,7 @@ public function init():void
     public function run()
     {
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id);
+            call_user_func($this->checkAccess, $this);
         }
 
         $query =  $this->makeQuery();

src/actions/CountForIdentityAction.php

@@ -58,7 +58,7 @@ class CountForIdentityAction extends JsonApiAction
     public function run()
     {
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id);
+            call_user_func($this->checkAccess, $this);
         }
 
         $query =  $this->makeQuery();

src/actions/CreateAction.php

@@ -93,7 +93,7 @@ public function init():void
     public function run()
     {
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id);
+            call_user_func($this->checkAccess, $this);
         }
 
         /* @var $model \yii\db\ActiveRecord */

src/actions/CreateRelationshipAction.php

@@ -77,7 +77,7 @@ public function run($id)
     {
         $model = $this->findModel($id);
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id, $model);
+            call_user_func($this->checkAccess, $this, $model);
         }
         $manager = new RelationshipManager($model, $this->relationName, $this->getResourceData(), $this->pkType);
         if ($this->idValidateCallback !== null) {

src/actions/DeleteAction.php

@@ -48,7 +48,7 @@ public function run($id):void
         $model = $this->isParentRestrictionRequired() ? $this->findModelForParent($id) : $this->findModel($id);
         $model->setScenario($this->scenario);
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id, $model);
+            call_user_func($this->checkAccess, $this, $model);
         }
         if ($model->delete() === false) {
             throw new ServerErrorHttpException('Failed to delete the object for unknown reason.');

src/actions/DeleteRelationshipAction.php

@@ -60,7 +60,7 @@ public function run($id):void
     {
         $model = $this->findModel($id);
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id, $model);
+            call_user_func($this->checkAccess, $this, $model);
         }
         $manager = new RelationshipManager($model, $this->relationName, $this->getResourceData(), $this->pkType);
         if ($this->idValidateCallback !== null) {

src/actions/JsonApiAction.php

@@ -65,7 +65,7 @@ class JsonApiAction extends Action
      * if the current user has the permission to execute the action. If not set, the access
      * check will not be performed. The signature of the callable should be as follows,
      * ```php
-     * function ($action, $model = null) {
+     * function (JsonApiAction $action, $model = null) {
      *     // $model is the requested model instance.
      *     // If null, it means no specific model (e.g. IndexAction)
      * }

src/actions/ListAction.php

@@ -74,7 +74,7 @@ public function init():void
     public function run()
     {
         if ($this->checkAccess) {
-            call_user_func($this->checkAccess, $this->id);
+            call_user_func($this->checkAccess, $this);
         }
 
         $dataProvider = $this->makeDataProvider();