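oUser = new User();
        $server = $oServerOauth->getServer();
        $request = Request::createFromGlobals();
        // Outcome of verifyResourceRequest() for the incoming request.
        $allowed = $server->verifyResourceRequest($request);
        $this->userUid = $oServerOauth->getUserId();
        // NOTE(review): role permissions are loaded before $allowed is consulted,
        // so this call also runs for requests whose verification failed.
        $this->oUser->loadUserRolePermission('PROCESSMAKER', $this->userUid);
        $metadata = Util::nestedValue($this->restler, 'apiMethodInfo', 'metadata');

        // NOTE(review): $response is assigned before this excerpt begins. When
        // $allowed is false, the user id is empty, or the method is not marked
        // 'protected', the permission branch below is skipped and $response is
        // returned unchanged -- confirm that its initial value, together with the
        // other authentication classes, fails closed for such requests.
        if ($allowed && !empty($this->userUid) && (!empty($metadata['access']) && $metadata['access'] == 'protected')) {
            $parameters = Util::nestedValue($this->restler, 'apiMethodInfo', 'parameters');
            if (!is_null(self::$className) && is_string(self::$className)) {
                // Delegate the decision to the class named in self::$className.
                $authObj = Scope::get(self::$className);
                $authObj->parameters = $parameters;
                $authObj->permission = self::$permission;
                if (!method_exists($authObj, Defaults::$authenticationMethod)) {
                    throw new RestException(500, 'Authentication Class should implement iAuthenticate');
                } elseif (!$authObj->{Defaults::$authenticationMethod}()) {
                    throw new RestException(401);
                }
            } elseif (!$this->verifyAccess(self::$permission)) {
                // No delegate class: check the loaded role permissions directly.
                throw new RestException(401);
            }
        }
        return $response;
    }

    /**
     * Always returns an empty string.
     *
     * @return string
     */
    public function __getWWWAuthenticateString()
    {
        return '';
    }

    /**
     * Decide whether the current user holds at least one of the given permissions.
     *
     * A single permission code is checked as is; for an array, the first code
     * that userCanAccess() reports as 1 ends the search.
     *
     * An empty $permissions value (null, '', [], ...) is treated as "no
     * permission required" and yields true. NOTE(review): combined with the
     * caller in this class, a 'protected' method with no permission set is
     * open to any caller that passed request verification -- confirm this
     * default is intended.
     *
     * @param string|array $permissions permission code or list of codes
     * @return bool true when access is granted
     */
    public function verifyAccess($permissions)
    {
        $response = false;
        $access = -1;
        if (!is_array($permissions)) {
            $access = $this->userCanAccess($permissions);
        } elseif (count($permissions) > 0) {
            foreach ($permissions as $perm) {
                $access = $this->userCanAccess($perm);
                if ($access == 1) {
                    break;
                }
            }
        }
        if ($access == 1 || empty($permissions)) {
            $response = true;
        }
        return $response;
    }

    /**
     * Check one permission code against the permissions loaded for the user.
     *
     * @param string $perm permission code to look for
     * @return int 1 when a loaded permission has this PER_CODE, -3 when a
     *             permission list is present but holds no match, -1 when no
     *             permission list is available on the user object
     */
    public function userCanAccess($perm)
    {
        $res = -1;
        $permissions = Util::nestedValue($this->oUser, 'aUserInfo', 'PROCESSMAKER', 'PERMISSIONS');
        if (isset($permissions)) {
            $res = -3;
            // Iterate only over iterable values so a malformed permission entry
            // cannot raise a foreach warning inside the authorization path.
            if (is_array($permissions) || $permissions instanceof \Traversable) {
                foreach ($permissions as $val) {
                    // Strict string comparison: with ==, a non-string $perm such as
                    // boolean true compares equal to any non-empty permission code,
                    // and numeric-looking strings are compared by value.
                    if (is_string($perm) && isset($val['PER_CODE']) && $perm === $val['PER_CODE']) {
                        $res = 1;
                        break;
                    }
                }
            }
        }
        return $res;
    }
}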