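/**
 * Authenticate the current REST request from its session key.
 *
 * The key is taken from the request header that PHP exposes as
 * $_SERVER['HTTP_AUTH_KEY'] or, when that is absent, from the `auth_key`
 * query-string parameter. On success the session's user id and the key are
 * stored in self::$userId and self::$authKey.
 *
 * @return bool True when the key maps to a valid session.
 * @throws RestException 401 when no usable key is supplied or the key is rejected.
 */
function __isAuthenticated()
{
    // SECURITY: this method must never short-circuit (for example with an
    // early `return true;`). Doing so makes every check below unreachable and
    // accepts any request without a session key.
    if (array_key_exists('HTTP_AUTH_KEY', $_SERVER)) {
        $authKey = $_SERVER['HTTP_AUTH_KEY'];
    } elseif (array_key_exists('auth_key', $_GET)) {
        // NOTE(review): a session key carried in the URL tends to end up in
        // access logs, proxy logs and Referer headers. Kept for backward
        // compatibility; prefer the header on new clients.
        $authKey = $_GET['auth_key'];
    } else {
        throw new RestException(401, 'Authentication Required');
    }

    // `auth_key[]=x` in the query string yields an array; a session key is
    // always a scalar string, so reject anything else before it reaches the
    // session lookup.
    if (!is_string($authKey)) {
        throw new RestException(401, 'Authentication Required');
    }

    $sessions = new Sessions();
    $session = $sessions->verifySession($authKey);

    // Only an array result is treated as a verified session; any other
    // return value falls through to the 401 below.
    if (is_array($session)) {
        $sesInfo = $sessions->getSessionUser($authKey);
        self::$userId = $sesInfo['USR_UID'];
        self::$authKey = $authKey;

        return true;
    }

    throw new RestException(401, 'Wrong Credentials!');
}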
/**
 * Web-service entry point: claim a case for the user who owns the session.
 *
 * Order of checks: the session must be valid, then the session's user must
 * hold the PM_CASES permission. Only after both pass is the claim forwarded
 * to wsBase::claimCase().
 *
 * @param object $params Request object; this function reads ->sessionId,
 *                       ->guid and ->delIndex from it.
 * @return mixed The failed session-validation result, a wsResponse with
 *               code 2 when the permission is missing, or whatever
 *               wsBase::claimCase() returns.
 */
function claimCase($params)
{
    // Gate 1: session validity. A non-zero status_code is handed straight
    // back to the caller.
    $sessionCheck = isValidSession($params->sessionId);
    if ($sessionCheck->status_code !== 0) {
        return $sessionCheck;
    }

    // Gate 2: role permission. ifPermission() reports 0 when PM_CASES is
    // not among the user's permissions.
    $hasCasesPermission = ifPermission($params->sessionId, 'PM_CASES');
    if ($hasCasesPermission == 0) {
        return new wsResponse(2, G::LoadTranslation('ID_NOT_PRIVILEGES'));
    }

    G::LoadClass('sessions');
    $sessionStore = new Sessions();
    $sessionUser = $sessionStore->getSessionUser($params->sessionId);

    // NOTE(review): guid and delIndex are passed through unchanged; whether
    // this user may claim that particular case is presumably decided inside
    // wsBase::claimCase() - confirm.
    $service = new wsBase();

    return $service->claimCase($sessionUser['USR_UID'], $params->guid, $params->delIndex);
}
/**
 * Report whether the user behind a session holds a given RBAC permission.
 *
 * The function resolves the session to a user, loads that user's role
 * permissions for the current RBAC system and scans them for a matching
 * PER_CODE. It does not check that the session is still valid.
 *
 * @param mixed $sessionId  Session identifier handed to Sessions::getSessionUser().
 * @param mixed $permission Permission code to look for (e.g. 'PM_CASES').
 * @return int 1 when a permission entry matches, otherwise 0.
 */
function ifPermission($sessionId, $permission)
{
    global $RBAC;
    $RBAC->initRBAC();

    G::LoadClass('sessions');
    $sessionStore = new Sessions();
    $sessionUser = $sessionStore->getSessionUser($sessionId);

    $rbac = RBAC::getSingleton();
    $rbac->loadUserRolePermission($rbac->sSystem, $sessionUser['USR_UID']);
    $grantedEntries = $rbac->aUserInfo[$rbac->sSystem]['PERMISSIONS'];

    // Every entry is visited. The comparison is the loose `==`, so the
    // stored code and the requested code are matched after PHP's usual
    // type juggling.
    $found = 0;
    foreach ($grantedEntries as $entry) {
        $found = ($entry['PER_CODE'] == $permission) ? 1 : $found;
    }

    return $found;
}