/**
* Authorizes an consumer ACL service object against an provider ACL service
* object to check if resource is allowed for current consumer...
*
* @author Benjamin Carl <*****@*****.**>
* @return bool TRUE if authorized, otherwise FALSE
* @access protected
* @throws Doozr_Base_Model_Rest_Exception
*/
protected function authorize(Doozr_Acl_Service $aclConsumer, Doozr_Acl_Service $aclProvider)
{
// Check if login is required and if - if user is logged in ...
if ($aclProvider->isLoginRequired() === true && $aclConsumer->isLoggedIn() === false) {
throw new Doozr_Base_Model_Rest_Exception('Authorization required.', 403);
} elseif ($aclConsumer->isAllowed($aclProvider, Doozr_Acl_Service::ACTION_CREATE) === false) {
// Not enough rights ...
throw new Doozr_Base_Model_Rest_Exception('Authorization required.', 401);
} else {
$status = true;
}
return $status;
}
