public function validateAccessControl()
{
$accessControl = $this->entry->getAccessControl();
if (!$accessControl) {
return;
}
$context = new kEntryContextDataResult();
$scope = $this->getAccessControlScope();
if (!$this->isKsAdmin()) {
$this->disableCache = $accessControl->applyContext($context, $scope);
} else {
$this->disableCache = false;
}
if (count($context->getAccessControlMessages())) {
foreach ($context->getAccessControlMessages() as $msg) {
header("X-Kaltura: access-control: {$msg}");
}
}
if (count($context->getAccessControlActions())) {
$actions = $context->getAccessControlActions();
foreach ($actions as $action) {
/* @var $action kAccessControlAction */
if ($action->getType() == accessControlActionType::BLOCK) {
KExternalErrors::dieError(KExternalErrors::ACCESS_CONTROL_RESTRICTED);
}
}
}
}
protected function validateAccessControl()
{
$accessControl = $this->_entry->getAccessControl();
if ($accessControl) {
$accessControlScope = $this->getAccessControlScope();
$accessControl->setScope($accessControlScope);
if (!$accessControl->isValid()) {
KExternalErrors::dieError(KExternalErrors::ACCESS_CONTROL_RESTRICTED);
}
}
}
protected function applyContext()
{
$this->contextResult = null;
$accessControl = $this->entry->getAccessControl();
if (!$accessControl) {
return;
}
$this->contextResult = new kEntryContextDataResult();
$scope = $this->getAccessControlScope();
if (!$this->isKsAdmin()) {
$this->disableCache = $accessControl->applyContext($this->contextResult, $scope);
} else {
$this->disableCache = false;
}
if (count($this->contextResult->getActions())) {
foreach ($this->contextResult->getActions() as $action) {
if (!isset($this->actionLists[$action->getType()])) {
$this->actionLists[$action->getType()] = array($action);
} else {
array_push($this->actionLists[$action->getType()], $action);
}
}
}
}
private function applyAccessControlOnContextData(accessControlScope $accessControlScope)
{
if ($this->isAdmin) {
return;
}
$accessControl = $this->entry->getAccessControl();
/* @var $accessControl accessControl */
if ($accessControl && $accessControl->hasRules()) {
$this->isSecured = true;
if (kConf::hasMap("optimized_playback")) {
$partnerId = $accessControl->getPartnerId();
$optimizedPlayback = kConf::getMap("optimized_playback");
if (array_key_exists($partnerId, $optimizedPlayback)) {
$params = $optimizedPlayback[$partnerId];
if (array_key_exists('cache_kdp_access_control', $params) && $params['cache_kdp_access_control'] && (strpos(strtolower(kCurrentContext::$client_lang), "kdp") !== false || strpos(strtolower(kCurrentContext::$client_lang), "html") !== false)) {
return;
}
}
}
$accessControlScope->setEntryId($this->entry->getId());
$this->isAdmin = $accessControlScope->getKs() && $accessControlScope->getKs()->isAdmin();
$this->disableCache = $accessControl->applyContext($this->contextDataResult);
}
}
/**
* @param entry $entry
* @return bool
*/
protected function shouldContribute(entry $entry)
{
if ($entry->getAccessControl()) {
foreach ($entry->getAccessControl()->getRulesArray() as $rule) {
/**
* @var kRule $rule
*/
foreach ($rule->getActions() as $action) {
/**
* @var kRuleAction $action
*/
if ($action->getType() == DrmAccessControlActionType::DRM_POLICY) {
return true;
}
}
}
}
return false;
}
