예제 #1
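/**
 * Decide whether a viewer may see an API method in listings/documentation.
 *
 * Rules, in order:
 *  - a method that is not enabled is visible to the "admin" role only;
 *  - when 'documented_if' is an array of role names, the viewer needs one of
 *    those roles ("admin" is always accepted as well);
 *  - otherwise a method that is not 'documented' is visible to "admin" only.
 *
 * Missing 'enabled' / 'documented' keys are treated as false, so an
 * incompletely described method is hidden rather than shown.
 *
 * @param array $method    method definition; reads 'enabled', 'documented_if'
 *                         and 'documented'
 * @param int   $viewer_id user to check, forwarded as-is to the auth_* helpers
 *                         (how those helpers interpret 0 is not visible here)
 * @return int 1 when the method may be shown, 0 otherwise
 */
function api_methods_can_view_method(&$method, $viewer_id = 0)
{
    $see_all = auth_has_role("admin", $viewer_id) ? 1 : 0;

    // NOTE(review): the previous version also computed a $see_undocumented flag
    // (roles "admin" or "api") and never consulted it. Undocumented methods stay
    // admin-only here, exactly as before -- confirm whether the "api" role was
    // meant to see them before widening access.

    // empty() treats an absent key like a false one without raising a notice.
    if (empty($method['enabled']) && !$see_all) {
        return 0;
    }

    if (isset($method['documented_if']) && is_array($method['documented_if'])) {
        $required = $method['documented_if'];
        // Strict comparison: with a loose in_array() a stray 0 or true in the
        // list compares equal to "admin" on older PHP versions, so "admin"
        // would not be appended and admins could be locked out.
        if (!in_array("admin", $required, true)) {
            $required[] = "admin";
        }
        return auth_has_role_any($required, $viewer_id) ? 1 : 0;
    }

    if (empty($method['documented']) && !$see_all) {
        return 0;
    }

    return 1;
}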
예제 #2
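/**
 * Enforce the role requirements an API method places on the calling API key
 * and on the user the access token belongs to.
 *
 * 'requires_key_role' and 'requires_user_role' must each be either absent or
 * an array of role names. Any other value is treated as a server
 * misconfiguration and denied, so a typo in the method definition cannot
 * silently open the method up.
 *
 * @param array $method method definition; reads 'requires_key_role' and
 *                      'requires_user_role'
 * @param array $key    API key row; reads 'role_id'
 * @param array $token  access token row; reads 'user_id'
 * @return int 1 when every requirement is met, 0 after an error was emitted
 */
function api_config_ensure_roles(&$method, &$key, &$token)
{
    $denied = "Insufficient permissions for API key";
    $misconfigured = "Insufficient permissions for API key (because the server is misconfigured)";

    $roles_map = api_keys_roles_map();

    // NOTE(review): api_output_error() presumably ends the request. The
    // explicit "return 0" after each call keeps this check failing closed even
    // if it does not -- confirm against its definition.

    if (isset($method['requires_key_role'])) {
        if (!is_array($method['requires_key_role'])) {
            api_output_error(403, $misconfigured);
            return 0;
        }

        // A key whose role id is missing or unknown to the roles map has no
        // role at all. Deny it explicitly instead of letting null reach a
        // loose comparison, where it would equal "" / 0 / false list entries.
        $role = null;
        if (isset($key['role_id']) && isset($roles_map[$key['role_id']])) {
            $role = $roles_map[$key['role_id']];
        }

        if ($role === null || !in_array($role, $method['requires_key_role'], true)) {
            api_output_error(403, $denied);
            return 0;
        }
    }

    if (isset($method['requires_user_role'])) {
        if (!is_array($method['requires_user_role'])) {
            api_output_error(403, $misconfigured);
            return 0;
        }

        // NOTE(review): a token without 'user_id' forwards null here, as the
        // original did (minus the notice). Verify that auth_has_role_any()
        // does not fall back to some other user for an empty id.
        $user_id = isset($token['user_id']) ? $token['user_id'] : null;

        if (!auth_has_role_any($method['requires_user_role'], $user_id)) {
            api_output_error(403, $denied);
            return 0;
        }
    }

    return 1;
}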