/**
* Return the API layout, e.g. which methods may be called on which entities.
* @return stdClass
*/
public function getLayout()
{
$methods = array('fetch' => array('fetch', 'fetch_own'), 'create', 'update' => array('update', 'update_own'), 'destroy' => array('destroy', 'destroy_own'), 'count' => array('fetch'), 'relate');
$auth = Garp_Auth::getInstance();
if (is_null($this->_layout)) {
// read content managing configuration from content.ini
// note; Garp_Cache_Config is not used here because we always want fresh data in the CMS,
// no cached versions
$config = Garp_Content_Api::_getConfig();
$classes = $config->content->commands;
$api = new stdClass();
$api->actions = array();
foreach ($classes as $key => $class) {
$alias = !empty($class->alias) ? $class->alias : $key;
$modelName = self::modelAliasToClass($alias);
if (!array_key_exists($alias, $api->actions)) {
$api->actions[$alias] = array();
}
foreach ($methods as $method => $privileges) {
if (is_numeric($method)) {
$method = $privileges;
$privileges = array($method);
}
// Check if any of the given privileges allow for the method to be executed
$allowed = false;
foreach ($privileges as $privilege) {
if ($auth->isAllowed($modelName, $privilege)) {
$allowed = true;
break;
}
}
// If the method is not allowed, don't mention it in the SMD
if (!$allowed) {
continue;
}
$api->actions[$alias][] = array('name' => $method, 'len' => 1);
}
}
$this->_layout = $api;
}
return $this->_layout;
}
