/** * Returns the HTTP method names you're allowed to use for this DataSource with this API key * @param \Cx\Core\DataSource\Model\Entity\DataSource $dataSource Requested DataSource * @param string $requestApiKey API key of the request * @return array List of HTTP methods */ public function getAllowedMethods($dataSource, $requestApiKey) { $baseMethods = array('OPTIONS'); $readMethods = array('HEAD', 'GET'); $writeMethods = array('PUT', 'PATCH', 'POST', 'DELETE'); $hasAccess = false; $canRead = false; $canWrite = false; foreach ($dataSource->getDataAccesses() as $dataAccess) { $apiKeys = $dataAccess->getDataAccessApiKeys(); foreach ($apiKeys as $apiKey) { if ($apiKey->getApiKey()->getApiKey() != $requestApiKey) { continue; } $hasAccess = true; if (!$dataAccess->getReadPermission() || $dataAccess->getReadPermission()->hasAccess()) { $canRead = true; } if (!$apiKey->getReadOnly() && (!$dataAccess->getWritePermission() || $dataAccess->getWritePermission()->hasAccess())) { $canWrite = true; } } } $allowedMethods = array(); if ($hasAccess) { $allowedMethods = array_merge($allowedMethods, $baseMethods); } if ($canRead) { $allowedMethods = array_merge($allowedMethods, $readMethods); } if ($canWrite) { $allowedMethods = array_merge($allowedMethods, $writeMethods); } return $allowedMethods; }
public function getDataAccesses() { $this->_load(); return parent::getDataAccesses(); }