Validates that access was performed by specified user or any user that can impersonate as this user.
Requires clientId argument to exist in the provided ServerRequestInterface. Returns HTTP 400 if no ID was provided, HTTP 403 if access is denied or HTTP 404 if there is no object with such ID.
public mixed REQUEST_ATTR_CLIENT_ID = 'clientId'
public __construct(ResponseFactoryInterface $factory) : mixed
- $factory : ResponseFactoryInterface
Return valuesmixed —
public process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
- $request : ServerRequestInterface
- $handler : RequestHandlerInterface