/**
* Validate Element Permission
*
* @param Request $request Request
* @param UserModel $user User
* @param bool $is_authenticated Is Authenticated
*
* @return null|RestfulApiException
*/
protected function validateElementPermission(Request $request, UserModel $user = null, $is_authenticated = false)
{
$element_permissions = \Craft\craft()->restfulApi_config->getElementPermissions($request->getAttribute('elementType'));
if ($is_authenticated && in_array($request->getMethod(), $element_permissions['authenticated'])) {
return;
}
if (in_array($request->getMethod(), $element_permissions['public'])) {
return;
}
$exception = new RestfulApiException();
$exception->setStatus(401)->setMessage(sprintf('User is not authorized to perform method `%s` on `%s` element type.', $request->getMethod(), $request->getAttribute('elementType')));
throw $exception;
}
/**
* Save Element
*
* @param array $params Parameters
*
* @return BaseElementModel $model
*/
public function saveElement(BaseElementModel $element, Request $request)
{
$element_type = craft()->elements->getElementType($element->getElementType());
$result = $element_type->saveElement($element, null);
if (!$result) {
$exception = new RestfulApiException();
$exception->setStatus(400)->setMessage('Element could not be stored.');
throw $exception;
}
craft()->content->saveContent($element);
return $element;
}
/**
* Get Element Permissions
*
* @param string $element_type Element Type
*
* @return array Element Permissions
*/
public function getElementPermissions($element_type)
{
$element_permissions = $this->getElementTypeConfig($element_type, 'permissions');
if (!$element_permissions) {
$element_permissions = $this->getElementPermissions('*');
}
if (!$element_permissions) {
$exception = new RestfulApiException();
$exception->setStatus(415)->setMessage(sprintf('Permissions for the `%s` element type is not defined.', $element_type));
throw $exception;
}
return $element_permissions;
}
