aboutsummaryrefslogtreecommitdiffstats
path: root/include/ws_functions.inc.php
diff options
context:
space:
mode:
authorrvelices <rv-github@modusoptimus.com>2007-01-29 20:38:08 +0000
committerrvelices <rv-github@modusoptimus.com>2007-01-29 20:38:08 +0000
commit2f70d58b2243454085035177e4a6ab777a3bf55c (patch)
tree3df82b9a7ddbb72c9ad8de4357b8cd48111fcd61 /include/ws_functions.inc.php
parent3b11eb39cf165558132be9b4bd5f3279410d9632 (diff)
web services: give vincent the calling partner id
git-svn-id: http://piwigo.org/svn/trunk@1768 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/ws_functions.inc.php24
1 files changed, 24 insertions, 0 deletions
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php
index a202e192e..8cbd74987 100644
--- a/include/ws_functions.inc.php
+++ b/include/ws_functions.inc.php
@@ -27,6 +27,30 @@
/**** IMPLEMENTATION OF WEB SERVICE METHODS ***********************************/
/**
+ * Event handler for method invocation security check. Should return a PwgError
+ * if the preconditions are not satifsied for method invocation.
+ */
+function ws_isInvokeAllowed($res, $methodName, $params)
+{
+ global $conf, $calling_partner_id;
+ if ( !$conf['ws_access_control'])
+ {
+ return $res; // No controls are requested
+ }
+ $query = '
+SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
+ WHERE `name` = '$calling_partner_id'
+ AND NOW() <= end; ";
+ $result = pwg_query($query);
+ $row = mysql_fetch_assoc($result);
+ if ( empty($row) )
+ {
+ return new PwgError(403, 'Partner id does not exist');
+ }
+ return $res;
+}
+
+/**
* ws_add_controls
* returns additionnal controls if requested
* usable for 99% of Web Service methods