/**
 * {@inheritdoc}
 *
 * Lists the tables of the requested schema, keeping only those for which
 * getPermissions() reports a non-empty access mask. Tables with an empty
 * mask are left out entirely, so the listing does not reveal their names.
 */
public function getResources($only_handlers = false)
{
    if ($only_handlers) {
        return [];
    }

    $forceRefresh = $this->request->getParameterAsBool(ApiOptions::REFRESH);
    $schemaName = $this->request->getParameter(ApiOptions::SCHEMA, '');

    /** @type TableNameSchema[] $tables */
    $tables = $this->parent->getTableNames($schemaName, $forceRefresh);

    $visible = [];
    foreach ($tables as $tableSchema) {
        $mask = $this->getPermissions($tableSchema->name);
        if (empty($mask)) {
            // No verbs granted on this table: keep it out of the listing.
            continue;
        }

        $entry = $tableSchema->toArray();
        // Expose the granted verbs as a list of names rather than the raw mask.
        $entry['access'] = VerbsMask::maskToArray($mask);
        $visible[] = $entry;
    }

    return $visible;
}
/**
 * Appends one role-service-access entry to $this->rsa and writes the whole
 * list to the session under $this->rsaKey.
 *
 * Note that the default $verbs value grants all five verbs; pass an explicit
 * list when a narrower grant is intended.
 *
 * @param mixed      $service   Stored under 'service'
 * @param mixed|null $component Stored under 'component'
 * @param array      $verbs     Verb names, converted with VerbsMask::arrayToMask() and stored under 'verb_mask'
 * @param mixed      $requestor Stored under 'requestor_mask'
 */
protected function setRsa($service, $component = null, $verbs = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE'], $requestor = ServiceRequestorTypes::API)
{
    $this->rsa[] = [
        'service'        => $service,
        'component'      => $component,
        'verb_mask'      => VerbsMask::arrayToMask($verbs),
        'requestor_mask' => $requestor,
    ];

    // Persist the accumulated list, not just the new entry.
    Session::put($this->rsaKey, $this->rsa);
}
/**
 * Looks up the record filters attached to the role's service-access entries
 * for the given action, service and (optionally) component.
 *
 * The return value is not an authorization decision: null is returned both
 * when a matching entry carries no filters and when nothing matched or the
 * verb is not granted. NOTE(review): presumably callers check access
 * separately before applying the result; verify against the call sites.
 *
 * @param string      $action    Verb name; passed through cleanAction() and VerbsMask::toNumeric()
 * @param string      $service   Service name, compared case-insensitively
 * @param string|null $component Component name, compared case-insensitively; empty means service-level lookup
 *
 * @return array|null Empty array for a sys admin; ['filters' => ..., 'filter_op' => ...] when a matching
 *                    entry has filters; null otherwise
 */
public static function getServiceFilters($action, $service, $component = null)
{
    // Sys admins get an empty array back, i.e. no filters to apply.
    if (static::isSysAdmin()) {
        return [];
    }

    $services = ArrayUtils::clean(static::get('role.services'));
    $serviceAllowed = null;
    $serviceFound = false;
    $componentFound = false;
    $action = VerbsMask::toNumeric(static::cleanAction($action));

    foreach ($services as $svcInfo) {
        $tempService = ArrayUtils::get($svcInfo, 'service');
        if (null === ($tempVerbs = ArrayUtils::get($svcInfo, 'verb_mask'))) {
            // Check for old verbs array
            if (null !== ($temp = ArrayUtils::get($svcInfo, 'verbs'))) {
                $tempVerbs = VerbsMask::arrayToMask($temp);
            }
        }
        // If neither key is present $tempVerbs stays null, so the "& $action"
        // tests below evaluate to 0 and the entry grants nothing.

        if (0 == strcasecmp($service, $tempService)) {
            $serviceFound = true;
            $tempComponent = ArrayUtils::get($svcInfo, 'component');
            if (!empty($component)) {
                if (0 == strcasecmp($component, $tempComponent)) {
                    // Exact component match: its result is returned immediately.
                    $componentFound = true;
                    if ($tempVerbs & $action) {
                        $filters = ArrayUtils::get($svcInfo, 'filters');
                        $operator = ArrayUtils::get($svcInfo, 'filter_op', 'AND');
                        if (empty($filters)) {
                            return null;
                        }

                        return ['filters' => $filters, 'filter_op' => $operator];
                    }
                } elseif (empty($tempComponent) || '*' == $tempComponent) {
                    // Service-wide (empty or '*') entry while a component was requested.
                    if ($tempVerbs & $action) {
                        $filters = ArrayUtils::get($svcInfo, 'filters');
                        $operator = ArrayUtils::get($svcInfo, 'filter_op', 'AND');
                        // NOTE(review): an unfiltered service-wide entry returns null here
                        // before later entries are examined, so an exact-component entry
                        // with filters that comes later in the list is never consulted.
                        // Confirm that entry order cannot let a broad unfiltered grant
                        // hide a narrower filtered one.
                        if (empty($filters)) {
                            return null;
                        }
                        // Remembered as a fallback; a later exact match can still return first.
                        $serviceAllowed = ['filters' => $filters, 'filter_op' => $operator];
                    }
                }
            } else {
                // No component requested: only service-wide entries are considered.
                if (empty($tempComponent) || '*' == $tempComponent) {
                    if ($tempVerbs & $action) {
                        $filters = ArrayUtils::get($svcInfo, 'filters');
                        $operator = ArrayUtils::get($svcInfo, 'filter_op', 'AND');
                        if (empty($filters)) {
                            return null;
                        }
                        $serviceAllowed = ['filters' => $filters, 'filter_op' => $operator];
                    }
                }
            }
        }
    }

    if ($componentFound) {
        // at least one service and component match was found, but not the right verb
        // (the service-wide fallback in $serviceAllowed is deliberately not used here)
        return null;
    } elseif ($serviceFound) {
        // Null unless a service-wide entry with filters granted the verb.
        return $serviceAllowed;
    }

    return null;
}
/**
 * Checks whether the current request's HTTP method is granted on the routed
 * service and resource, based on Role-Service-Access.
 *
 * The 'service' and 'resource' route inputs are lower-cased, the request
 * method is converted to its verb bit, and that bit is tested against the
 * mask returned by Session::getServicePermissions().
 *
 * @return bool True when the verb bit is present in the granted mask
 * @throws \DreamFactory\Core\Exceptions\NotImplementedException
 */
public static function isAccessAllowed()
{
    /** @var Router $router */
    $router = app('router');

    $serviceName = strtolower($router->input('service'));
    $resourceName = strtolower($router->input('resource'));
    $requestedVerb = VerbsMask::toNumeric(\Request::getMethod());
    $grantedMask = Session::getServicePermissions($serviceName, $resourceName);

    // Any overlap between the requested verb bit and the granted mask allows access.
    return (bool) ($requestedVerb & $grantedMask);
}
/**
 * Stores the 'method' attribute as a verb mask.
 *
 * An array of verbs is folded into a single mask by OR-ing the value of
 * VerbsMask::toNumeric() for each element; any non-array value is stored
 * unchanged.
 *
 * @param array|mixed $method Verb list, or a value to store as-is
 *
 * @throws \DreamFactory\Core\Exceptions\NotImplementedException
 */
public function setMethodAttribute($method)
{
    if (!is_array($method)) {
        // Non-array input is stored as given, without conversion.
        $this->attributes['method'] = $method;

        return;
    }

    $mask = 0;
    foreach ($method as $verbName) {
        $mask |= VerbsMask::toNumeric($verbName);
    }

    $this->attributes['method'] = $mask;
}
/**
 * Lists the resource names of the requested schema together with the verbs
 * granted on each, omitting every name whose permission mask is empty.
 *
 * @param bool $only_handlers When truthy, an empty array is returned
 *
 * @return array List of ['name' => ..., 'access' => [...]] entries
 */
public function getResources($only_handlers = false)
{
    if ($only_handlers) {
        return [];
    }

    $forceRefresh = $this->request->getParameterAsBool('refresh');
    $schemaName = $this->request->getParameter('schema', '');
    $names = $this->listResources($schemaName, $forceRefresh);

    $visible = [];
    foreach ($names as $resourceName) {
        $mask = $this->getPermissions($resourceName);
        if (empty($mask)) {
            // Nothing granted on this resource: do not disclose its name.
            continue;
        }

        $visible[] = [
            'name'   => $resourceName,
            'access' => VerbsMask::maskToArray($mask),
        ];
    }

    return $visible;
}
/**
 * Tests whether the given action's verb bit is set in the mask stored under
 * the 'action' key of $config.
 *
 * The result is the raw bitwise AND, so it is an int: non-zero when the bit
 * is set, 0 otherwise. Use it for truthiness rather than comparing it
 * strictly with true.
 *
 * @param mixed $config Configuration read with ArrayUtils::get($config, 'action')
 * @param mixed $action Verb converted with VerbsMask::toNumeric()
 *
 * @return int
 * @throws \DreamFactory\Core\Exceptions\BadRequestException
 */
protected static function doesActionApply($config, $action)
{
    // intval() turns a missing or non-numeric 'action' value into 0 (no verbs).
    $configuredMask = intval(ArrayUtils::get($config, 'action'));

    return $configuredMask & VerbsMask::toNumeric($action);
}
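/**
 * Handles GET action
 *
 * Fetches the resource list and, when it is an array, optionally annotates
 * each entry with the verbs granted on it before handing the list to
 * ResourcesWrapper::cleanResources(). A non-array result from
 * getResources() is returned unchanged.
 *
 * @return mixed
 */
protected function handleGET()
{
    $resources = $this->getResources();
    if (is_array($resources)) {
        $includeAccess = $this->request->getParameterAsBool(ApiOptions::INCLUDE_ACCESS);
        $asList = $this->request->getParameterAsBool(ApiOptions::AS_LIST);
        // The identifier field is chosen by the request, with the resource's own identifier as default.
        $idField = $this->request->getParameter(ApiOptions::ID_FIELD, $this->getResourceIdentifier());
        $fields = $this->request->getParameter(ApiOptions::FIELDS);

        if (!$asList && $includeAccess) {
            foreach ($resources as &$resource) {
                if (is_array($resource)) {
                    // The looked-up mask is only used to annotate the entry here.
                    $name = ArrayUtils::get($resource, $idField);
                    $resource['access'] = VerbsMask::maskToArray($this->getPermissions($name));
                }
            }
            // Break the by-reference binding so the last element is not left
            // aliased to $resource when the array is passed on below.
            unset($resource);
        }

        return ResourcesWrapper::cleanResources($resources, $asList, $idField, $fields);
    }

    return $resources;
}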