/**
* Creates and returns a new Exception instance.
*
* @param string $message The message itself
* @param string $key The key for I18N
* @return Faett_Channel_Exceptions_AuthorizationException
*/
public static function create($message, $key = '')
{
// create a new message
$e = new Faett_Channel_Exceptions_AuthorizationException($message);
// set the message key
$e->_setKey($key);
// return the message
return $e;
}
/**
* This method checks that the user logged into the system
* is auhtorized to load the requested resource.
*
* @param array $args
* The arguments necessary for rendering the resource representation
* @return void
*/
protected function _authorize(array $args = array())
{
// load the acutal channel first
$channel = Mage::getModel('channel/channel')->load(Mage::app()->getStore()->getId());
// load the resource name
$channelName = $channel->getCode();
// load the resource path
$resourcePath = $this->_params[Faett_Channel_Helper_Data::TYPE];
// try to load the resource method
if (array_key_exists(Faett_Channel_Helper_Data::ID, $this->_params) && $resourcePath == 'p') {
$packageName = $this->_params[Faett_Channel_Helper_Data::ID];
}
// check if an resource name and a method name can be extracted
if (empty($packageName)) {
if (empty($channelName)) {
throw Faett_Channel_Exceptions_NoResourcePathException::create('The requested empty resource is not available', '200.error.acl.no-resource-path');
}
}
// load the ACL resource information
$resources = $this->_getConfig()->getResources();
// check if the requested resource exists
if (!isset($resources->{$channelName})) {
throw Faett_Channel_Exceptions_InvalidResourcePathException::create('The requested channel ' . $channelName . ' is not available', '200.error.acl.invalid-resource-path');
}
// if a resource method (package) was found, check if the method exists
if (!empty($packageName)) {
if (!isset($resources->{$channelName}->methods->{$packageName})) {
throw Faett_Channel_Exceptions_InvalidResourcePathException::create('The requested package ' . $channelName . '/' . $packageName . ' is not available', '200.error.acl.invalid-resource-path');
}
}
// check if authentication is set
if ($channel->hasAuthentication()) {
// is yes, check if the user is allowed to open the resource
if (!isset($resources->{$channelName}->public) && isset($resources->{$channelName}->acl) && !$this->_getSession()->isAllowed((string) $resources->{$channelName}->acl)) {
throw Faett_Channel_Exceptions_AuthorizationException::create('You\'ve not the permissions to access the requested resource ' . $channelName, '200.error.acl.access-denied');
}
// AND check if the user is allowed to invoke the resource method
if (!empty($packageName)) {
if (!isset($resources->{$channelName}->methods->{$packageName}->public) && isset($resources->{$channelName}->methods->{$packageName}->acl) && !$this->_getSession()->isAllowed((string) $resources->{$channelName}->methods->{$packageName}->acl)) {
throw Faett_Channel_Exceptions_AuthorizationException::create('You\'ve not the permissions to access the requested resource ' . $channelName . '/' . $packageName, '200.error.acl.access-denied');
}
}
}
// invoke the model associated to the ACL
$modelName = (string) $resources->{$channelName}->model;
// instanciate the model
try {
$model = Mage::getModel($modelName);
if ($model instanceof Mage_Api_Model_Resource_Abstract) {
$model->setResourceConfig($resources->{$channelName});
}
} catch (Exception $e) {
throw Faett_Channel_Exceptions_AuthorizationException::create('The requested resource ' . $channelName . ' can not be loaded', '200.error.resource-not-callable');
}
// split the resource path and the resource method
list($resourceName, $resourceMethod) = explode('/', $resourcePath);
// add the resource method to invoke to the arguments
array_push($args, $resourceMethod);
// load the method information
if (!empty($packageName)) {
// check if a method to invoke is set for the package
$methodInfo = $resources->{$channelName}->methods->{$packageName};
$method = isset($methodInfo->method) ? (string) $methodInfo->method : $resourceName;
} else {
// if not, the method to invoke IS the resource name
$method = $resourceName;
}
// check if the requested method can be called
if (is_callable(array(&$model, $method))) {
if (isset($methodInfo->arguments) && (string) $methodInfo->arguments == 'array') {
return $model->{$method}(is_array($args) ? $args : array($args));
} elseif (!is_array($args)) {
return $model->{$method}($args);
} else {
return call_user_func_array(array(&$model, $method), $args);
}
} else {
throw Faett_Channel_Exceptions_AuthorizationException::create('The requested resource ' . $channelName . '/' . $packageName . ' can not be loaded', '200.error.resource-method-not-callable');
}
}
/**
* This method checks that the user logged into the system
* is auhtorized to load the requested resource.
*
* @param array $args
* The arguments necessary for rendering the resource representation
* @return void
*/
protected function _authorize(array $args = array())
{
// prepend store name and load the API path with the ACL's
$apiPath = Mage::app()->getStore()->getCode() . '/' . $this->_params[Faett_Channel_Helper_Data::TYPE];
// split the API path into resource and method name
list($resourceName, $methodName, $serializerMethodName) = explode('/', $apiPath);
// add the serializer method to invoke to the arguments
array_push($args, $serializerMethodName);
// check if an resource name and a method name can be extracted
if (empty($resourceName) || empty($methodName)) {
throw Faett_Channel_Exceptions_NoResourcePathException::create('The requested empty resource is not available', '200.error.acl.no-resource-path');
}
// load the ACL resource information
$resourcesAlias = $this->_getConfig()->getResourcesAlias();
$resources = $this->_getConfig()->getResources();
if (isset($resourcesAlias->{$resourceName})) {
$resourceName = (string) $resourcesAlias->{$resourceName};
}
// check if the requested resource exists
if (!isset($resources->{$resourceName}) || !isset($resources->{$resourceName}->methods->{$methodName})) {
throw Faett_Channel_Exceptions_InvalidResourcePathException::create('The requested resource ' . $resourceName . '/' . $methodName . ' is not available', '200.error.acl.invalid-resource-path');
}
// check if authentication is set
if ($this->_authentication) {
// is yes, check if the user is allowed to open the resource
if (!isset($resources->{$resourceName}->public) && isset($resources->{$resourceName}->acl) && !$this->_getSession()->isAllowed((string) $resources->{$resourceName}->acl)) {
throw Faett_Channel_Exceptions_AuthorizationException::create('You\'ve not the permissions to access the requested resource ' . $resourceName, '200.error.acl.access-denied');
}
// AND check if the user is allowed to invoke the resource method
if (!isset($resources->{$resourceName}->methods->{$methodName}->public) && isset($resources->{$resourceName}->methods->{$methodName}->acl) && !$this->_getSession()->isAllowed((string) $resources->{$resourceName}->methods->{$methodName}->acl)) {
throw Faett_Channel_Exceptions_AuthorizationException::create('You\'ve not the permissions to access the requested resource ' . $resourceName . '/' . $methodName, '200.error.acl.access-denied');
}
}
// load the method information
$methodInfo = $resources->{$resourceName}->methods->{$methodName};
$method = isset($methodInfo->method) ? (string) $methodInfo->method : $methodName;
// invoke the model associated to the ACL
$modelName = (string) $resources->{$resourceName}->model;
// instanciate the model
try {
$model = Mage::getModel($modelName);
if ($model instanceof Mage_Api_Model_Resource_Abstract) {
$model->setResourceConfig($resources->{$resourceName});
}
} catch (Exception $e) {
throw Faett_Channel_Exceptions_AuthorizationException::create('The requested resource ' . $resourceName . ' can not be loaded', '200.error.resource-not-callable');
}
// check if the requested method can be called
if (is_callable(array(&$model, $method))) {
if (isset($methodInfo->arguments) && (string) $methodInfo->arguments == 'array') {
return $model->{$method}(is_array($args) ? $args : array($args));
} elseif (!is_array($args)) {
return $model->{$method}($args);
} else {
return call_user_func_array(array(&$model, $method), $args);
}
} else {
throw Faett_Channel_Exceptions_AuthorizationException::create('The requested resource ' . $resourceName . '/' . $methodName . ' can not be loaded', '200.error.resource-method-not-callable');
}
}
