/** * Return the API layout, e.g. which methods may be called on which entities. * @return stdClass */ public function getLayout() { $methods = array('fetch' => array('fetch', 'fetch_own'), 'create', 'update' => array('update', 'update_own'), 'destroy' => array('destroy', 'destroy_own'), 'count' => array('fetch'), 'relate'); $auth = Garp_Auth::getInstance(); if (is_null($this->_layout)) { // read content managing configuration from content.ini // note; Garp_Cache_Config is not used here because we always want fresh data in the CMS, // no cached versions $config = Garp_Content_Api::_getConfig(); $classes = $config->content->commands; $api = new stdClass(); $api->actions = array(); foreach ($classes as $key => $class) { $alias = !empty($class->alias) ? $class->alias : $key; $modelName = self::modelAliasToClass($alias); if (!array_key_exists($alias, $api->actions)) { $api->actions[$alias] = array(); } foreach ($methods as $method => $privileges) { if (is_numeric($method)) { $method = $privileges; $privileges = array($method); } // Check if any of the given privileges allow for the method to be executed $allowed = false; foreach ($privileges as $privilege) { if ($auth->isAllowed($modelName, $privilege)) { $allowed = true; break; } } // If the method is not allowed, don't mention it in the SMD if (!$allowed) { continue; } $api->actions[$alias][] = array('name' => $method, 'len' => 1); } } $this->_layout = $api; } return $this->_layout; }