EndSetApiUser will always contain a User
This commit is contained in:
parent
69e04e5cbd
commit
a063bb43a8
@ -627,10 +627,10 @@ EndSetUser: After setting the currently logged in user
|
|||||||
- $user: user
|
- $user: user
|
||||||
|
|
||||||
StartSetApiUser: Before setting the current API user
|
StartSetApiUser: Before setting the current API user
|
||||||
- $user: user
|
- &$user: user, can be set during event handling (return false to stop processing)
|
||||||
|
|
||||||
EndSetApiUser: After setting the current API user
|
EndSetApiUser: After setting the current API user
|
||||||
- $user: user
|
- $user: user, only called if this is an actual user
|
||||||
|
|
||||||
StartHasRole: Before determing if the a profile has a given role
|
StartHasRole: Before determing if the a profile has a given role
|
||||||
- $profile: profile in question
|
- $profile: profile in question
|
||||||
|
@ -212,21 +212,25 @@ class ApiAuthAction extends ApiAction
|
|||||||
// Set the auth user
|
// Set the auth user
|
||||||
if (Event::handle('StartSetApiUser', array(&$user))) {
|
if (Event::handle('StartSetApiUser', array(&$user))) {
|
||||||
$user = User::getKV('id', $appUser->profile_id);
|
$user = User::getKV('id', $appUser->profile_id);
|
||||||
if (!empty($user)) {
|
}
|
||||||
if (!$user->hasRight(Right::API)) {
|
if ($user instanceof User) {
|
||||||
// TRANS: Authorization exception thrown when a user without API access tries to access the API.
|
if (!$user->hasRight(Right::API)) {
|
||||||
throw new AuthorizationException(_('Not allowed to use API.'));
|
// TRANS: Authorization exception thrown when a user without API access tries to access the API.
|
||||||
}
|
throw new AuthorizationException(_('Not allowed to use API.'));
|
||||||
}
|
}
|
||||||
$this->auth_user = $user;
|
$this->auth_user = $user;
|
||||||
// FIXME: setting the value returned by common_current_user()
|
Event::handle('EndSetApiUser', array($this->auth_user));
|
||||||
// There should probably be a better method for this. common_set_user()
|
} else {
|
||||||
// does lots of session stuff.
|
// If $user is not a real User, let's force it to null.
|
||||||
global $_cur;
|
$this->auth_user = null;
|
||||||
$_cur = $this->auth_user;
|
|
||||||
Event::handle('EndSetApiUser', array($user));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// FIXME: setting the value returned by common_current_user()
|
||||||
|
// There should probably be a better method for this. common_set_user()
|
||||||
|
// does lots of session stuff.
|
||||||
|
global $_cur;
|
||||||
|
$_cur = $this->auth_user;
|
||||||
|
|
||||||
$msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " .
|
$msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " .
|
||||||
"application '%s' (id: %d) with %s access.";
|
"application '%s' (id: %d) with %s access.";
|
||||||
|
|
||||||
@ -297,17 +301,17 @@ class ApiAuthAction extends ApiAction
|
|||||||
$user = common_check_user($this->auth_user_nickname,
|
$user = common_check_user($this->auth_user_nickname,
|
||||||
$this->auth_user_password);
|
$this->auth_user_password);
|
||||||
|
|
||||||
if (Event::handle('StartSetApiUser', array(&$user))) {
|
Event::handle('StartSetApiUser', array(&$user));
|
||||||
|
if ($user instanceof User) {
|
||||||
if ($user instanceof User) {
|
if (!$user->hasRight(Right::API)) {
|
||||||
if (!$user->hasRight(Right::API)) {
|
// TRANS: Authorization exception thrown when a user without API access tries to access the API.
|
||||||
// TRANS: Authorization exception thrown when a user without API access tries to access the API.
|
throw new AuthorizationException(_('Not allowed to use API.'));
|
||||||
throw new AuthorizationException(_('Not allowed to use API.'));
|
|
||||||
}
|
|
||||||
$this->auth_user = $user;
|
|
||||||
}
|
}
|
||||||
|
$this->auth_user = $user;
|
||||||
|
|
||||||
Event::handle('EndSetApiUser', array($user));
|
Event::handle('EndSetApiUser', array($this->auth_user));
|
||||||
|
} else {
|
||||||
|
$this->auth_user = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// By default, basic auth users have rw access
|
// By default, basic auth users have rw access
|
||||||
|
Loading…
Reference in New Issue
Block a user