|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 | <?php // // Open Web Analytics - An Open Source Web Analytics Framework // // Copyright 2006 Peter Adams. All rights reserved. // // Licensed under GPL v2.0 http://www.gnu.org/copyleft/gpl.html // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // $Id$ // require_once(OWA_BASE_DIR.'/owa_view.php'); require_once(OWA_BASE_DIR.'/owa_controller.php'); /** * API Request Controller * * @author Peter Adams <peter@openwebanalytics.com> * @copyright Copyright © 2006 Peter Adams <peter@openwebanalytics.com> * @license http://www.gnu.org/copyleft/gpl.html GPL v2.0 * @category owa * @package owa * @version $Revision$ * @since owa 1.3.0 */ class owa_apiRequestController extends owa_controller { function __construct($params) { return parent::__construct($params); } function action() { $s = owa_coreAPI::serviceSingleton(); // lookup method class $do = $s->getApiMethodClass($this->getParam('do')); if ($do) { // check credentials /* PERFORM AUTHENTICATION */ if (array_key_exists('required_capability', $do)) { /* CHECK USER FOR CAPABILITIES */ if ( ! owa_coreAPI::isCurrentUserCapable( $do['required_capability'] ) ) { // doesn't look like the currentuser has the necessary priviledges owa_coreAPI::debug('User does not have capability required by this controller.'); // auth user $auth = &owa_auth::get_instance(); $status = $auth->authenticateUser(); // if auth was not successful then return login view. if ($status['auth_status'] != true) { return 'This method requires authentication.'; } else { //check for needed capability again now that they are authenticated if (!owa_coreAPI::isCurrentUserCapable($do['required_capability'])) { return 'Your user does not have privileges to access this method.'; } } } } //perform $map = owa_coreAPI::getRequest()->getAllOwaParams(); echo owa_coreAPI::executeApiCommand($map); } } } ?> |