/**
* Instantiate resource class, set parameters to the instance, run resource internal dispatch method
*
* @param Mage_Api2_Model_Request $request
* @param Mage_Api2_Model_Response $response
* @return Mage_Api2_Model_Dispatcher
* @throws Mage_Api2_Exception
*/
public function dispatch(Mage_Api2_Model_Request $request, Mage_Api2_Model_Response $response)
{
if (!$request->getModel() || !$request->getApiType()) {
throw new Mage_Api2_Exception('Request does not contains all necessary data', Mage_Api2_Model_Server::HTTP_BAD_REQUEST);
}
$model = self::loadResourceModel($request->getModel(), $request->getApiType(), $this->getApiUser()->getType(), $this->getVersion($request->getResourceType(), $request->getVersion()));
$model->setRequest($request);
$model->setResponse($response);
$model->setApiUser($this->getApiUser());
$model->dispatch();
return $this;
}
/**
* Global ACL processing
*
* @param Mage_Api2_Model_Request $request
* @param Mage_Api2_Model_Auth_User_Abstract $apiUser
* @return Mage_Api2_Model_Server
* @throws Mage_Api2_Exception
*/
protected function _allow(Mage_Api2_Model_Request $request, Mage_Api2_Model_Auth_User_Abstract $apiUser)
{
/** @var $globalAcl Mage_Api2_Model_Acl_Global */
$globalAcl = Mage::getModel('api2/acl_global');
if (!$globalAcl->isAllowed($apiUser, $request->getResourceType(), $request->getOperation())) {
throw new Mage_Api2_Exception('Access denied', self::HTTP_FORBIDDEN);
}
return $this;
}
/**
* Set request
*
* @param Mage_Api2_Model_Request $request
* @return Mage_Api2_Model_Resource
*/
public function setRequest(Mage_Api2_Model_Request $request)
{
$this->setResourceType($request->getResourceType());
$this->setApiType($request->getApiType());
$this->_request = $request;
return $this;
}
