Create an insecure bank application

webroot/lib/Controller/RestrictedPageController.php

@@ -0,0 +1,38 @@
+<?php
+declare(strict_types=1);
+
+namespace Controller;
+
+use Model\Context;
+use View\AccessDeniedPage;
+use View\Sendable;
+
+abstract class RestrictedPageController
+{
+    protected ?Context $context = null;
+
+    public function __construct(string $url)
+    {
+        $this->context = Context::init($url);
+    }
+
+    protected function isCurrentPageAllowed(): bool
+    {
+        foreach ($this->context->navigation as $navigationEntry) {
+            if ($navigationEntry->url === $this->context->currentPage) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public final function run(): Sendable
+    {
+        if (!$this->isCurrentPageAllowed()) {
+            return new AccessDeniedPage($this->context);
+        }
+        return $this->runLogic();
+    }
+
+    abstract protected function runLogic(): Sendable;
+}