/** * Overrides the default validate method. * * @param bool $validate_request * Determine if we need to validate the sent request values. In case of * delete we don't need to validate the sent request values. */ public function validate($validate_request = TRUE) { $this->getObject(); $this->object->group_type = 'node'; if (empty($this->object->gid)) { $this->object->gid = 0; } else { // Set up the space. spaces_set_space(vsite_get_vsite($this->object->gid)); } $this->object->gid = (int) $this->object->gid; $this->setRequest((array) $this->object); if ($validate_request) { parent::validate(); } $function = $this->object->gid ? 'og_user_access' : 'user_access'; $params = $this->object->gid ? array('node', $this->object->gid, 'administer users', $this->getAccount()) : array('administer users', $this->getAccount()); if (!call_user_func_array($function, $params)) { throw new \RestfulForbiddenException('You are not allowed to manage roles.'); } }