mirror of
https://github.com/FH-Complete/FHC-Core.git
synced 2026-06-02 04:39:28 +00:00
Paolo
dda27c7d6e
- Renamed method checkPermissions to isEntitled - isEntitled: if the controller is called from the command line, then is always trusted - Adapted controllers application/core/APIv1_Controller.php and application/core/FHC_Controller.php
38 lines
1008 B
PHP
38 lines
1008 B
PHP
<?php
|
|
|
|
require_once APPPATH.'/libraries/REST_Controller.php';
|
|
|
|
class APIv1_Controller extends REST_Controller
|
|
{
|
|
/**
|
|
* Standard constructor for all the RESTful resources
|
|
*/
|
|
public function __construct($requiredPermissions)
|
|
{
|
|
parent::__construct();
|
|
|
|
// Loads return messages
|
|
$this->load->helper('message');
|
|
|
|
// Loads permission lib
|
|
$this->load->library('PermissionLib');
|
|
|
|
log_message('debug', 'Called API: '.$_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']);
|
|
|
|
$this->_isAllowed($requiredPermissions);
|
|
}
|
|
|
|
/**
|
|
* Checks if the caller is allowed to access to this content with the given permissions
|
|
* If it is not allowed will set the HTTP header with code 401
|
|
* Wrapper for _checkPermissions
|
|
*/
|
|
private function _isAllowed($requiredPermissions)
|
|
{
|
|
if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method))
|
|
{
|
|
$this->response(error('You are not allowed to access to this content'), REST_Controller::HTTP_UNAUTHORIZED);
|
|
}
|
|
}
|
|
}
|