public function initService($serviceId, $serviceName, $actionName) { // init service and action name $this->serviceId = $serviceId; $this->serviceName = $serviceName; $this->actionName = $actionName; // impersonated partner = partner parameter from the request $this->impersonatedPartnerId = kCurrentContext::$partner_id; $this->ks = kCurrentContext::$ks_object ? kCurrentContext::$ks_object : null; // operating partner = partner from the request or the ks partner $partnerId = kCurrentContext::$partner_id ? kCurrentContext::$partner_id : kCurrentContext::$ks_partner_id; // if there is no session, assume it's partner 0 using actions that doesn't require ks if (is_null($partnerId)) { $partnerId = 0; } $this->partner = PartnerPeer::retrieveByPK($partnerId); if (!$this->partner) { $this->partner = null; } // check if current aciton is allowed and if private partner data access is allowed $allowPrivatePartnerData = false; $actionPermitted = $this->isPermitted($allowPrivatePartnerData); // action not permitted at all, not even kaltura network if (!$actionPermitted) { $e = new KalturaAPIException(APIErrors::SERVICE_FORBIDDEN, $this->serviceId . '->' . $this->actionName); //TODO: should sometimes thorow MISSING_KS instead header("X-Kaltura:error-" . $e->getCode()); header("X-Kaltura-App: exiting on error " . $e->getCode() . " - " . $e->getMessage()); throw $e; } // init partner filter parameters $this->private_partner_data = $allowPrivatePartnerData; $this->partnerGroup = kPermissionManager::getPartnerGroup($this->serviceId, $this->actionName); if ($this->globalPartnerAllowed($this->actionName)) { $this->partnerGroup = PartnerPeer::GLOBAL_PARTNER . ',' . trim($this->partnerGroup, ','); } // apply partner filters according to current context and permissions myPartnerUtils::resetAllFilters(); myPartnerUtils::applyPartnerFilters($partnerId, $this->private_partner_data, $this->partnerGroup, $this->kalturaNetworkAllowed($this->actionName)); }