Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-12 19:02:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Verify API access by user to resource

Browse Source 
API authentication mechanism is supposed to be working with internal or external users
This commit is contained in:
jfefe
2015-05-03 14:44:37 +02:00
parent 46ce77c571
commit 47c3724f3d
3 changed files with 50 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/api/class/api_access.class.php
View File

@@ -26,14 +26,10 @@ class DolibarrApiAccess implements iAuthenticate
public static $role = 'user';
/**
* @var array $user_perms Permission of loggued user
@todo
public static $user_perms = array();
public static $required_perms = '';
* *
* @var User $user Permission of loggued user
*/
public static $user = '';
/**
* Check access
@@ -44,8 +40,6 @@ class DolibarrApiAccess implements iAuthenticate
{
global $db;
//@todo hardcoded api_key=>role for brevity
//
$stored_key = '';
$userClass = Defaults::$userIdentifierClass;
@@ -82,7 +76,7 @@ class DolibarrApiAccess implements iAuthenticate
throw new RestException(503, 'Error when fetching user :'.$fuser->error);
}
$fuser->getrights();
static::$user_perms = $fuser->rights;
static::$user = $fuser;
if($fuser->societe_id)
static::$role = 'external';