public function validateAccessControl() { $accessControl = $this->entry->getAccessControl(); if (!$accessControl) { return; } $context = new kEntryContextDataResult(); $scope = $this->getAccessControlScope(); if (!$this->isKsAdmin()) { $this->disableCache = $accessControl->applyContext($context, $scope); } else { $this->disableCache = false; } if (count($context->getAccessControlMessages())) { foreach ($context->getAccessControlMessages() as $msg) { header("X-Kaltura: access-control: {$msg}"); } } if (count($context->getAccessControlActions())) { $actions = $context->getAccessControlActions(); foreach ($actions as $action) { /* @var $action kAccessControlAction */ if ($action->getType() == accessControlActionType::BLOCK) { KExternalErrors::dieError(KExternalErrors::ACCESS_CONTROL_RESTRICTED); } } } }
protected function validateAccessControl() { $accessControl = $this->_entry->getAccessControl(); if ($accessControl) { $accessControlScope = $this->getAccessControlScope(); $accessControl->setScope($accessControlScope); if (!$accessControl->isValid()) { KExternalErrors::dieError(KExternalErrors::ACCESS_CONTROL_RESTRICTED); } } }
protected function applyContext() { $this->contextResult = null; $accessControl = $this->entry->getAccessControl(); if (!$accessControl) { return; } $this->contextResult = new kEntryContextDataResult(); $scope = $this->getAccessControlScope(); if (!$this->isKsAdmin()) { $this->disableCache = $accessControl->applyContext($this->contextResult, $scope); } else { $this->disableCache = false; } if (count($this->contextResult->getActions())) { foreach ($this->contextResult->getActions() as $action) { if (!isset($this->actionLists[$action->getType()])) { $this->actionLists[$action->getType()] = array($action); } else { array_push($this->actionLists[$action->getType()], $action); } } } }
private function applyAccessControlOnContextData(accessControlScope $accessControlScope) { if ($this->isAdmin) { return; } $accessControl = $this->entry->getAccessControl(); /* @var $accessControl accessControl */ if ($accessControl && $accessControl->hasRules()) { $this->isSecured = true; if (kConf::hasMap("optimized_playback")) { $partnerId = $accessControl->getPartnerId(); $optimizedPlayback = kConf::getMap("optimized_playback"); if (array_key_exists($partnerId, $optimizedPlayback)) { $params = $optimizedPlayback[$partnerId]; if (array_key_exists('cache_kdp_access_control', $params) && $params['cache_kdp_access_control'] && (strpos(strtolower(kCurrentContext::$client_lang), "kdp") !== false || strpos(strtolower(kCurrentContext::$client_lang), "html") !== false)) { return; } } } $accessControlScope->setEntryId($this->entry->getId()); $this->isAdmin = $accessControlScope->getKs() && $accessControlScope->getKs()->isAdmin(); $this->disableCache = $accessControl->applyContext($this->contextDataResult); } }
/** * @param entry $entry * @return bool */ protected function shouldContribute(entry $entry) { if ($entry->getAccessControl()) { foreach ($entry->getAccessControl()->getRulesArray() as $rule) { /** * @var kRule $rule */ foreach ($rule->getActions() as $action) { /** * @var kRuleAction $action */ if ($action->getType() == DrmAccessControlActionType::DRM_POLICY) { return true; } } } } return false; }