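$user = Auth::getUserRecord();
$acl->setUserId($user['id']);
$acl->setGroupId($user['group']);
}

/**
 * Request Payload
 *
 * $params holds the query-string arguments; $requestPayload is the request body
 * decoded as an associative array (json_decode() yields null when the body is
 * empty or is not valid JSON).
 */
$params = $_GET;
$requestPayload = json_decode($app->request()->getBody(), true);

/**
 * Extension Alias
 *
 * When the request carries a truthy `run_extension` value, the named
 * extension's api.php is loaded and its return value becomes the response data.
 */
if (isset($_REQUEST['run_extension']) && $_REQUEST['run_extension']) {
    // Validate extension name.
    // The name comes straight from the request and is interpolated into a
    // require path below, so accept only a single plain directory name: no
    // arrays, no path separators, no "." / "..", no NUL bytes.
    $extensionName = $_REQUEST['run_extension'];
    $isPlainName = is_string($extensionName)
        && $extensionName === basename($extensionName)
        && '.' !== $extensionName
        && '..' !== $extensionName
        && false === strpos($extensionName, "\0");

    // NOTE(review): Bootstrap::extensionExists() is not visible here; confirm it
    // matches against the set of installed extensions rather than probing the
    // filesystem with the raw request value.
    if (!$isPlainName || !Bootstrap::extensionExists($extensionName)) {
        header("HTTP/1.0 404 Not Found");
        return JsonView::render(array('message' => 'No such extension.'));
    }

    // Validate request nonce.
    // Enforcement is skipped only when DIRECTUS_ENV is 'development'.
    // NOTE(review): make sure production deployments never run with that
    // value, since it disables this check for every extension endpoint.
    if (!$requestNonceProvider->requestHasValidNonce()) {
        if ('development' !== DIRECTUS_ENV) {
            header("HTTP/1.0 401 Unauthorized");
            return JsonView::render(array('message' => 'Unauthorized (nonce).'));
        }
    }

    // Load the extension's API entry point; the file's return value is the
    // response data.
    $extensionsDirectory = APPLICATION_PATH . "/extensions";
    $responseData = (require "{$extensionsDirectory}/{$extensionName}/api.php");

    // Send the nonces issued during this request back to the client in the
    // configured response header.
    $nonceOptions = $requestNonceProvider->getOptions();
    $newNonces = $requestNonceProvider->getNewNoncesThisRequest();
    // Separator first: the legacy (array, separator) argument order is
    // deprecated in PHP 7.4 and removed in PHP 8.0.
    header($nonceOptions['nonce_response_header'] . ': ' . implode(",", $newNonces));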