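/**
 * Authorizes a consumer ACL service object against a provider ACL service
 * object to check if the resource is allowed for the current consumer.
 *
 * Two checks run in order: first whether the provider requires a login the
 * consumer does not have, then whether the consumer holds the permission
 * on the provider. Either failure raises an exception, so this method
 * never actually returns FALSE.
 *
 * @author Benjamin Carl <*****@*****.**>
 * @param Doozr_Acl_Service $aclConsumer ACL service of the requesting consumer
 * @param Doozr_Acl_Service $aclProvider ACL service of the resource being accessed
 * @return bool TRUE if authorized (failures are signalled by exception)
 * @access protected
 * @throws Doozr_Base_Model_Rest_Exception With code 401 when a login is required
 *                                         but the consumer is not logged in, and
 *                                         code 403 when the consumer is not allowed
 */
protected function authorize(Doozr_Acl_Service $aclConsumer, Doozr_Acl_Service $aclProvider)
{
    // Authentication gate: a missing login is "401 Unauthorized", which tells
    // the client to authenticate and retry. The codes were previously swapped
    // with the branch below (assumes the exception code is surfaced as the
    // HTTP status of the REST response; confirm against the handler).
    if ($aclProvider->isLoginRequired() === true && $aclConsumer->isLoggedIn() === false) {
        throw new Doozr_Base_Model_Rest_Exception('Authorization required.', 401);
    }

    // Authorization gate: the consumer lacks the permission, which is
    // "403 Forbidden"; re-sending credentials would not change the outcome.
    // NOTE(review): the permission checked is always ACTION_CREATE, whatever
    // operation the caller is about to perform. Confirm that read, update and
    // delete paths do not rely on this method for their access decision.
    if ($aclConsumer->isAllowed($aclProvider, Doozr_Acl_Service::ACTION_CREATE) === false) {
        throw new Doozr_Base_Model_Rest_Exception('Authorization required.', 403);
    }

    return true;
}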