Skip to content

Commit ee778d6

Browse files
author
Phil Sturgeon
committed
key => FALSE can now be used to override the keys_enabled option for a specific method, and level is now optional. If no level is set it will assume the method has a level of 0.
1 parent ee14f14 commit ee778d6

File tree

2 files changed

+17
-11
lines changed

2 files changed

+17
-11
lines changed

application/controllers/api/example.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,8 @@
1313
* @link http://philsturgeon.co.uk/code/
1414
*/
1515

16-
// This can be removed if you use __autoload() in config.php
17-
require(APPPATH.'/libraries/REST_Controller.php');
16+
// This can be removed if you use __autoload() in config.php OR use Modular Extensions
17+
require APPPATH.'/libraries/REST_Controller.php';
1818

1919
class Example extends REST_Controller
2020
{

application/libraries/REST_Controller.php

Lines changed: 15 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -121,8 +121,11 @@ function _remap($object_called)
121121
// Do we want to log this method (if allowed by config)?
122122
$log_method = ! (isset($this->methods[$controller_method]['log']) AND $this->methods[$controller_method]['log'] == FALSE);
123123

124-
// Their key is shit
125-
if (config_item('rest_enable_keys') AND $this->_allow === FALSE)
124+
// Use keys for this method?
125+
$use_key = ! (isset($this->methods[$controller_method]['key']) AND $this->methods[$controller_method]['key'] == FALSE);
126+
127+
// Get that useless shitty key out of here
128+
if (config_item('rest_enable_keys') AND $use_key AND $this->_allow === FALSE)
126129
{
127130
$this->response(array('status' => 0, 'error' => 'Invalid API Key.'), 403);
128131
return;
@@ -131,12 +134,12 @@ function _remap($object_called)
131134
// Sure it exists, but can they do anything with it?
132135
if ( ! method_exists($this, $controller_method))
133136
{
134-
$this->response(array('error' => 'Unknown method.'), 404);
137+
$this->response(array('status' => 0, 'error' => 'Unknown method.'), 404);
135138
return;
136139
}
137140

138-
// Checking for keys? GET TO WORK!
139-
if (config_item('rest_enable_keys'))
141+
// Doing key related stuff? Can only do it if they have a key right?
142+
if (config_item('rest_enable_keys') AND ! empty($this->rest->key))
140143
{
141144
// Check the limit
142145
if ( config_item('rest_enable_limits') AND ! $this->_check_limit($controller_method))
@@ -145,11 +148,14 @@ function _remap($object_called)
145148
return;
146149
}
147150

148-
// Their key might not be shit, but is it good enough?
149-
$authorized = ! (isset($this->methods[$controller_method]['level']) AND $this->methods[$controller_method]['level'] > $this->rest->level);
151+
// If no level is set use 0, they probably aren't using permissions
152+
$level = isset($this->methods[$controller_method]['level']) ? $this->methods[$controller_method]['level'] : 0;
153+
154+
// If no level is set, or it is lower than/equal to the key's level
155+
$authorized = $level <= $this->rest->level;
150156

151157
// IM TELLIN!
152-
if (config_item('rest_enable_logging') && $log_method)
158+
if (config_item('rest_enable_logging') AND $log_method)
153159
{
154160
$this->_log_request($authorized);
155161
}
@@ -163,7 +169,7 @@ function _remap($object_called)
163169
}
164170

165171
// No key stuff, but record that stuff is happening
166-
else if (config_item('rest_enable_logging') && $log_method)
172+
else if (config_item('rest_enable_logging') AND $log_method)
167173
{
168174
$this->_log_request($authorized = TRUE);
169175
}

0 commit comments

Comments
 (0)