Overview

Packages

  • currencysymbol
  • MAbout
  • Mage
    • Admin
    • Adminhtml
    • AdminNotification
    • Api
    • Api2
    • Authorizenet
    • Backup
    • Bundle
    • Captcha
    • Catalog
    • CatalogIndex
    • CatalogInventory
    • CatalogRule
    • CatalogSearch
    • Centinel
    • Checkout
    • Cms
    • Compiler
    • Connect
    • Contacts
    • Core
    • Cron
    • CurrencySymbol
    • Customer
    • Dataflow
    • Directory
    • DirtectPost
    • Downloadable
    • Eav
    • GiftMessage
    • GoogleAnalytics
    • GoogleBase
    • GoogleCheckout
    • ImportExport
    • Index
    • Install
    • Log
    • Media
    • Newsletter
    • Oauth
    • Page
    • PageCache
    • Paygate
    • Payment
    • Paypal
    • PaypalUk
    • Persistent
    • Poll
    • ProductAlert
    • Rating
    • Reports
    • Review
    • Rss
    • Rule
    • Sales
    • SalesRule
    • Sedfriend
    • Sendfriend
    • Shipping
    • Sitemap
    • Tag
    • Tax
    • Usa
    • Weee
    • Widget
    • Wishlist
    • XmlConnect
  • None
  • Phoenix
    • Moneybookers
  • PHP
  • Zend
    • Date
    • Mime
    • XmlRpc

Classes

  • Mage_Api2_Adminhtml_Api2_AttributeController
  • Mage_Api2_Adminhtml_Api2_RoleController
  • Mage_Api2_Block_Adminhtml_Attribute
  • Mage_Api2_Block_Adminhtml_Attribute_Buttons
  • Mage_Api2_Block_Adminhtml_Attribute_Edit
  • Mage_Api2_Block_Adminhtml_Attribute_Edit_Form
  • Mage_Api2_Block_Adminhtml_Attribute_Grid
  • Mage_Api2_Block_Adminhtml_Attribute_Tab_Resource
  • Mage_Api2_Block_Adminhtml_Attribute_Tabs
  • Mage_Api2_Block_Adminhtml_Permissions_User_Edit_Tab_Roles
  • Mage_Api2_Block_Adminhtml_Roles
  • Mage_Api2_Block_Adminhtml_Roles_Buttons
  • Mage_Api2_Block_Adminhtml_Roles_Grid
  • Mage_Api2_Block_Adminhtml_Roles_Tab_Info
  • Mage_Api2_Block_Adminhtml_Roles_Tab_Resources
  • Mage_Api2_Block_Adminhtml_Roles_Tab_Users
  • Mage_Api2_Block_Adminhtml_Roles_Tabs
  • Mage_Api2_Helper_Data
  • Mage_Api2_Model_Acl
  • Mage_Api2_Model_Acl_Filter
  • Mage_Api2_Model_Acl_Filter_Attribute
  • Mage_Api2_Model_Acl_Filter_Attribute_Operation
  • Mage_Api2_Model_Acl_Filter_Attribute_ResourcePermission
  • Mage_Api2_Model_Acl_Global
  • Mage_Api2_Model_Acl_Global_Role
  • Mage_Api2_Model_Acl_Global_Rule
  • Mage_Api2_Model_Acl_Global_Rule_Permission
  • Mage_Api2_Model_Acl_Global_Rule_Privilege
  • Mage_Api2_Model_Acl_Global_Rule_ResourcePermission
  • Mage_Api2_Model_Acl_Global_Rule_Tree
  • Mage_Api2_Model_Auth
  • Mage_Api2_Model_Auth_Adapter
  • Mage_Api2_Model_Auth_Adapter_Abstract
  • Mage_Api2_Model_Auth_Adapter_Oauth
  • Mage_Api2_Model_Auth_User
  • Mage_Api2_Model_Auth_User_Abstract
  • Mage_Api2_Model_Auth_User_Admin
  • Mage_Api2_Model_Auth_User_Customer
  • Mage_Api2_Model_Auth_User_Guest
  • Mage_Api2_Model_Config
  • Mage_Api2_Model_Dispatcher
  • Mage_Api2_Model_Multicall
  • Mage_Api2_Model_Observer
  • Mage_Api2_Model_Renderer
  • Mage_Api2_Model_Renderer_Json
  • Mage_Api2_Model_Renderer_Query
  • Mage_Api2_Model_Renderer_Xml
  • Mage_Api2_Model_Renderer_Xml_Writer
  • Mage_Api2_Model_Request
  • Mage_Api2_Model_Request_Internal
  • Mage_Api2_Model_Request_Interpreter
  • Mage_Api2_Model_Request_Interpreter_Json
  • Mage_Api2_Model_Request_Interpreter_Query
  • Mage_Api2_Model_Request_Interpreter_Xml
  • Mage_Api2_Model_Resource
  • Mage_Api2_Model_Resource_Acl_Filter_Attribute
  • Mage_Api2_Model_Resource_Acl_Filter_Attribute_Collection
  • Mage_Api2_Model_Resource_Acl_Global_Role
  • Mage_Api2_Model_Resource_Acl_Global_Role_Collection
  • Mage_Api2_Model_Resource_Acl_Global_Rule
  • Mage_Api2_Model_Resource_Acl_Global_Rule_Collection
  • Mage_Api2_Model_Resource_Setup
  • Mage_Api2_Model_Resource_Validator
  • Mage_Api2_Model_Resource_Validator_Eav
  • Mage_Api2_Model_Resource_Validator_Fields
  • Mage_Api2_Model_Response
  • Mage_Api2_Model_Route_Abstract
  • Mage_Api2_Model_Route_ApiType
  • Mage_Api2_Model_Route_Rest
  • Mage_Api2_Model_Router
  • Mage_Api2_Model_Server

Interfaces

  • Mage_Api2_Model_Acl_PermissionInterface
  • Mage_Api2_Model_Renderer_Interface
  • Mage_Api2_Model_Request_Interpreter_Interface
  • Mage_Api2_Model_Route_Interface

Exceptions

  • Mage_Api2_Exception
  • Overview
  • Package
  • Class
  • Tree 
 1: <?php
 2: /**
 3:  * Magento
 4:  *
 5:  * NOTICE OF LICENSE
 6:  *
 7:  * This source file is subject to the Open Software License (OSL 3.0)
 8:  * that is bundled with this package in the file LICENSE.txt.
 9:  * It is also available through the world-wide-web at this URL:
10:  * http://opensource.org/licenses/osl-3.0.php
11:  * If you did not receive a copy of the license and are unable to
12:  * obtain it through the world-wide-web, please send an email
13:  * to license@magentocommerce.com so we can send you a copy immediately.
14:  *
15:  * DISCLAIMER
16:  *
17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
18:  * versions in the future. If you wish to customize Magento for your
19:  * needs please refer to http://www.magentocommerce.com for more information.
20:  *
21:  * @category    Mage
22:  * @package     Mage_Api2
23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
25:  */
26: 
27: /**
28:  * API Global ACL model
29:  *
30:  * @category   Mage
31:  * @package    Mage_Api2
32:  * @author     Magento Core Team <core@magentocommerce.com>
33:  */
34: class Mage_Api2_Model_Acl_Global
35: {
36:     /**
37:      * Check if the operation is allowed on resources of given type type for given user type/role
38:      *
39:      * @param Mage_Api2_Model_Auth_User_Abstract $apiUser
40:      * @param string $resourceType
41:      * @param string $operation
42:      * @return boolean
43:      * @throws Mage_Api2_Exception
44:      */
45:     public function isAllowed(Mage_Api2_Model_Auth_User_Abstract $apiUser, $resourceType, $operation)
46:     {
47:         // skip user without role, e.g. Customer
48:         if (null === $apiUser->getRole()) {
49:             return true;
50:         }
51:         /** @var $aclInstance Mage_Api2_Model_Acl */
52:         $aclInstance = Mage::getSingleton(
53:             'api2/acl',
54:             array('resource_type' => $resourceType, 'operation' => $operation)
55:         );
56: 
57:         if (!$aclInstance->hasRole($apiUser->getRole())) {
58:             throw new Mage_Api2_Exception('Role not found', Mage_Api2_Model_Server::HTTP_UNAUTHORIZED);
59:         }
60:         if (!$aclInstance->has($resourceType)) {
61:             throw new Mage_Api2_Exception('Resource not found', Mage_Api2_Model_Server::HTTP_NOT_FOUND);
62:         }
63:         return $aclInstance->isAllowed($apiUser->getRole(), $resourceType, $operation);
64:     }
65: }
66:
Magento 1.7.0.2 API documentation generated by ApiGen 2.8.0