service = $service; $this->user = $user; if (!$this->user->isAdmin()) { throw new Forbidden(); } } public function getActionRead(Request $request): stdClass { $entity = $this->service->read($request->getRouteParam('id')); return $entity->getValueMap(); } public function putActionUpdate(Request $request): stdClass { $entity = $this->service->update($request->getRouteParam('id'), $request->getParsedBody()); return $entity->getValueMap(); } }