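/**
 * Check whether the caller's API key grants the role this resource requires.
 *
 * The key is read from the `api_key` query parameter and mapped to a role by a
 * hard-coded table (demo only). Note that a secret carried in the query string
 * ends up in web-server access logs, proxies and Referer headers; a real
 * deployment should look the key up in a store and accept it from a header.
 *
 * Side effects (only once the key is recognised): sets static::$role and
 * registers 'AccessControl::verifyAccess' as Resources::$accessControlFunction.
 *
 * @return bool true when the key's role equals static::$requires, or is 'admin'
 */
public function __isAllowed() {
    //hardcoded api_key=>role for brevity
    $roles = array('12345' => 'user', '67890' => 'admin');

    // Deny a missing key and a non-scalar one (?api_key[]=x): an array offset
    // makes array_key_exists() warn (PHP 7) or throw (PHP 8) instead of failing closed.
    if (!isset($_GET['api_key']) || !is_string($_GET['api_key'])
        || !array_key_exists($_GET['api_key'], $roles)) {
        return false;
    }
    static::$role = $roles[$_GET['api_key']];
    Resources::$accessControlFunction = 'AccessControl::verifyAccess';

    // Strict comparison: with == a non-string $requires (e.g. true, or 0 on
    // PHP < 8) compares equal to any role string and would grant access.
    return static::$requires === static::$role || static::$role === 'admin';
}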
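/**
 * Check whether the caller's API key grants the role this resource requires,
 * and tag the response cache with the caller's identity.
 *
 * The key is read from the `api_key` query parameter and mapped to a role by a
 * hard-coded table (demo only). A secret in the query string is exposed to
 * access logs, proxies and Referer headers; a header is the safer transport.
 *
 * Side effects: the cache identifier on Defaults::$userIdentifierClass is set
 * to the resolved role for a known key, or to the raw key for an unknown one;
 * for a known key static::$role is set and 'AccessControl::verifyAccess' is
 * registered as Resources::$accessControlFunction.
 *
 * @return bool true when the key's role equals static::$requires, or is 'admin'
 */
public function __isAllowed() {
    //hardcoded api_key=>role for brevity
    $roles = array('12345' => 'user', '67890' => 'admin');
    $userClass = Defaults::$userIdentifierClass;

    // No key, or a non-scalar one (?api_key[]=x, which array_key_exists()
    // cannot take as an offset): deny without touching the cache identifier.
    if (!isset($_GET['api_key']) || !is_string($_GET['api_key'])) {
        return false;
    }
    if (!array_key_exists($_GET['api_key'], $roles)) {
        // Unknown key: the raw, caller-controlled key becomes the cache
        // identifier so an unauthenticated caller never shares an entry with a
        // role. Keep that in mind if the identifier is ever used in a path or log.
        $userClass::setCacheIdentifier($_GET['api_key']);
        return false;
    }
    static::$role = $roles[$_GET['api_key']];
    $userClass::setCacheIdentifier(static::$role);
    Resources::$accessControlFunction = 'AccessControl::verifyAccess';

    // Strict comparison: with == a non-string $requires (e.g. true, or 0 on
    // PHP < 8) compares equal to any role string and would grant access.
    return static::$requires === static::$role || static::$role === 'admin';
}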
/**
 * Check access
 *
 * Resolves the caller's role from the `api_key` query parameter by looking the
 * key up in the user table, then compares that role with the roles the
 * resource requires (static::$requires).
 *
 * Side effects: sets static::$role, sets the cache identifier on
 * Defaults::$userIdentifierClass (the role for a known key, the raw key for an
 * unknown one) and registers 'DolibarrApiAccess::verifyAccess' as
 * Resources::$accessControlFunction.
 *
 * NOTE(review): the key travels in the query string, where it is exposed to
 * access logs, proxies and Referer headers; a header would be the safer transport.
 *
 * @return bool true if the key's role is one of the required roles, or 'admin'
 * @throws RestException 503 when the key lookup or the user fetch fails
 */
public function __isAllowed() {
    global $db;
    $stored_key = '';
    $userClass = Defaults::$userIdentifierClass;
    // isset() is true for an empty string, so `?api_key=` gets through to the
    // lookup below. NOTE(review): if any user row has an empty api_key, that
    // request would match it and pass the equality check that follows — confirm
    // the column can never be empty, or add an !empty() guard here.
    if (isset($_GET['api_key'])) {
        // The value is SQL-escaped but not type-checked: a non-scalar value
        // (?api_key[]=x) reaches $db->escape() as an array.
        $sql = "SELECT u.login, u.datec, u.api_key, ";
        $sql .= " u.tms as date_modification, u.entity";
        $sql .= " FROM " . MAIN_DB_PREFIX . "user as u";
        $sql .= " WHERE u.api_key = '" . $db->escape($_GET['api_key']) . "'";
        $result = $db->query($sql);
        if ($result) {
            if ($db->num_rows($result)) {
                $obj = $db->fetch_object($result);
                $login = $obj->login;
                $stored_key = $obj->api_key;
            }
        } else {
            throw new RestException(503, 'Error when fetching user api_key :' . $db->error_msg);
        }
        // Re-compare in PHP, presumably to reject rows the database matched
        // only under a case-insensitive collation. NOTE(review): this is a loose
        // (!=) comparison of two strings; hash_equals() would give an exact,
        // constant-time check.
        if ($stored_key != $_GET['api_key']) {
            // Unknown key: the raw, caller-supplied key is used as cache identifier.
            $userClass::setCacheIdentifier($_GET['api_key']);
            return false;
        }
        $fuser = new User($db);
        // NOTE(review): the source is garbled/redacted at '******' on the next
        // line; the role assignment between the fetch-failure throw and the
        // 'external' role is not visible here and is left exactly as found.
        if (!$fuser->fetch('', $login)) { throw new RestException(503, 'Error when fetching user :'******'external'; }
        // Admin flag on the user record overrides whatever role was set above.
        if ($fuser->admin) {
            static::$role = 'admin';
        }
    } else {
        return false;
    }
    $userClass::setCacheIdentifier(static::$role);
    Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess';
    // NOTE(review): in_array() without the strict flag uses loose comparison;
    // pass true as the third argument if $requires may hold non-string values.
    return in_array(static::$role, (array) static::$requires) || static::$role == 'admin';
}