/**
* Serves graph endpoint
*
* @param string $request Graph endpoint to serve, e.g. /me or /35/friends
* @return GenericResult
* @throws GraphException
*/
protected function route($request = '/')
{
$ctrl = $this->getController($request);
if ($ctrl instanceof ControllerInterface) {
return $ctrl->call($this->request);
}
$segments = explode('/', trim($request, '/'));
$root_node_id = array_shift($segments);
$node = $this->graph->get($root_node_id);
if (!$node) {
throw new GraphException("Node with id {$root_node_id} not found", HttpResponse::HTTP_NOT_FOUND);
}
$alias = $this->graph->getAlias($node);
if (!$alias) {
throw new GraphException("Nodes of this type can not be accessed via web services", 403);
}
if ($node instanceof ElggEntity) {
set_input('guid', $node->guid);
} else {
set_input('id', $node->id);
}
// Check the hierarchy in ascending order, e.g.
// :blog/likes
// :object/likes
// :entity/likes
$aliases = array($alias, ":{$node->getType()}");
if ($node instanceof \ElggEntity) {
$aliases[] = ':entity';
} else {
if ($node instanceof \ElggExtender) {
$aliases[] = ':extender';
}
}
foreach ($aliases as $alias) {
$alt_segments = $segments;
array_unshift($alt_segments, $alias);
$alt_route = implode('/', $alt_segments);
$can_access = elgg_trigger_plugin_hook('permissions_check:graph', $alt_route, ['node' => $node], true);
if (!$can_access) {
continue;
}
$ctrl = $this->getController($alt_route);
if ($ctrl instanceof ControllerInterface) {
break;
}
}
if (!$ctrl instanceof ControllerInterface) {
throw new GraphException("You do not have access to the requested endpoint", 403);
}
return $ctrl->call();
}
