public static function check_permission($required)
{
global $ticket;
if ($ticket && auth::check_ticket($ticket, auth::get_seed())) {
list($uname, $role, $timestamp, $md5str) = explode(':', $ticket);
} else {
$role = ROLE_ANONYMOUS;
}
if ($role > $required) {
/*1为最大角色,其它权限依数字越大,权限越小*/
throw new ForbiddenException('permission denied');
}
}
array_push($ret, $params[$arg_name]);
} else {
if ($func_args[$i]->isOptional() || $func_args[$i]->isDefaultValueAvailable()) {
continue;
} else {
//echo "check_method_params 2:$arg_name\n";
return null;
}
}
}
return $ret;
}
/*check the ticket*/
$ticket = isset($_COOKIE["ticket"]) ? $_COOKIE["ticket"] : null;
$resobj = new response();
if ($ticket && !auth::check_ticket($ticket)) {
$resobj->set(array('code' => 403, 'body' => "ticket invalid!"));
goto RES_CLIENT;
}
/*extract a clean and standard path like /rest/xxx/xxx/xxx*/
function filter_path()
{
$path = preg_replace('/\\|\\\\|\\/\\//', '/', $_SERVER["REQUEST_URI"]);
$path = preg_replace('/\\?[^\\/]*$/', '', $path);
$path = preg_replace('/\\/$/', '', $path);
return $path;
}
/*find the api handler method*/
$handler = find_handler(filter_path());
if ($handler) {
$params = check_method_params($handler['method'], extract_params());
