Beispiel #1
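/**
 * Authenticate a caller with explicit credentials, authorize the requested
 * webservice method for that user, and dispatch the call.
 *
 * The configured login handlers (UserSettings/LoginHandler, falling back to
 * 'standard') are tried in order. The first handler that returns an eZUser
 * decides the outcome: the call is dispatched if ggeZWebservices::checkAccess()
 * allows it, otherwise a fault is returned and no further handler is tried.
 *
 * Bad credentials and denied access both yield the same INVALIDAUTHERROR fault,
 * so the response does not show which of the two checks failed.
 *
 * @param mixed  $user         Login identifier handed to each handler's loginUser().
 * @param mixed  $password     Credential handed to each handler's loginUser().
 * @param string $functionName Name of the webservice method to authorize and run.
 * @param mixed  $params       Parameters forwarded unchanged to the server.
 *
 * @return mixed The result of handleRequest()/handleInternalRequest(), or a
 *               ggWebservicesFault when authentication or authorization fails.
 */
function ezp_authandexec($user, $password, $functionName, $params)
{
    $server = $GLOBALS['ggws_server'];

    // Replicates the handler selection found in user/login.
    $ini = eZINI::instance();
    if ($ini->hasVariable('UserSettings', 'LoginHandler')) {
        $loginHandlers = $ini->variable('UserSettings', 'LoginHandler');
    } else {
        $loginHandlers = array('standard');
    }

    foreach ($loginHandlers as $loginHandler) {
        $userClass = eZUserLoginHandler::instance($loginHandler);
        if (!is_object($userClass)) {
            // A handler name that does not resolve to an object is skipped
            // instead of causing a fatal error on the method call below.
            continue;
        }

        // Keep the login result in its own variable. Assigning it back to
        // $user would hand a failed handler's return value, not the login
        // name, to every following handler.
        $authenticatedUser = $userClass->loginUser($user, $password);
        if (!($authenticatedUser instanceof eZUser)) {
            continue;
        }

        // NOTE(review): the site-access check
        // ($user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) is
        // disabled here; only the per-method check below is enforced.
        // Confirm that this is intended for every site access exposing this
        // endpoint.
        if (!ggeZWebservices::checkAccess($functionName, $authenticatedUser)) {
            // NOTE(review): loginUser() presumably makes this user the current
            // one; the disabled branch called $user->logoutCurrent() on
            // denial. Verify whether a logout is needed before returning.
            return new ggWebservicesFault(ggWebservicesServer::INVALIDAUTHERROR, ggWebservicesServer::INVALIDAUTHSTRING);
        }

        if ($server->isInternalRequest($functionName)) {
            return $server->handleInternalRequest($functionName, $params);
        }

        return $server->handleRequest($functionName, $params);
    }

    // No handler accepted the credentials.
    return new ggWebservicesFault(ggWebservicesServer::INVALIDAUTHERROR, ggWebservicesServer::INVALIDAUTHSTRING);
}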
Beispiel #2
// Optional ezjscore bridge. The router does not return to us different values
// for "method not found" and "permissions not granted", so a non-null router is
// treated as "ezjscore handles this call".
// NOTE(review): this branch answers and exits before the
// ggeZWebservices::checkAccess() call further down is reached, so access control
// for 'class::method' names dispatched here rests on whatever ezjscServerRouter
// enforces itself. Confirm that is sufficient.
if ($wsINI->variable('GeneralSettings', 'JscoreIntegration') == 'enabled' && class_exists('ezjscServerRouter')) {
    // Only names of the form 'a::b' are candidates for ezjscore.
    if (strpos($functionName, '::') !== false) {
        // The name parts and $params are merged into one argument list for the router.
        // NOTE(review): presumably both come from the incoming request; verify
        // that the router validates them.
        $jscserver = ezjscServerRouter::getInstance(array_merge(explode('::', $functionName), $params));
        // Loose comparison: any value == null (e.g. false) also falls through to the standard path.
        if ($jscserver != null) {
            $jscresponse = $jscserver->call();
            $server->showResponse($functionName, $namespaceURI, $jscresponse);
            eZExecution::cleanExit();
            die;
        }
    }
}
// if jscore did not answer yet, process request the standard way
// check perms: the current user must be allowed to call $functionName
$user = eZUser::currentUser();
$access = ggeZWebservices::checkAccess($functionName, $user);
if (!$access) {
    // Denied calls get the generic INVALIDAUTHERROR fault, then the script stops.
    $server->showResponse($functionName, $namespaceURI, new ggWebservicesFault(ggWebservicesServer::INVALIDAUTHERROR, ggWebservicesServer::INVALIDAUTHSTRING));
    eZExecution::cleanExit();
    die;
    // $module->handleError( eZError::KERNEL_ACCESS_DENIED, 'kernel' );
}
if ($wsclass == 'PhpSOAP') {
    $server->processRequestObj($request);
} else {
    if ($server->isInternalRequest($functionName)) {
        $response = $server->handleInternalRequest($functionName, $params);
    } else {
        $response = $server->handleRequest($functionName, $params);
    }
    $server->showResponse($functionName, $namespaceURI, $response);