API: Use http authentication, check the auth level required

This commit is contained in:
Tom Needham 2012-09-13 15:18:38 +00:00
parent 8b409dfe2a
commit a8c82440d0
1 changed files with 22 additions and 19 deletions

View File

@ -86,7 +86,7 @@ class OC_API {
foreach(self::$actions[$name] as $action){
$app = $action['app'];
// Authorsie this call
if($this->isAuthorised($action)){
if(self::isAuthorised($action)){
if(is_callable($action['action'])){
$responses[] = array('app' => $app, 'response' => call_user_func($action['action'], $parameters));
} else {
@ -105,7 +105,7 @@ class OC_API {
} else {
self::respond($response);
}
// logout the user to be stateles
// logout the user to be stateless
OC_User::logout();
}
@ -114,7 +114,7 @@ class OC_API {
* @param array $action the action details as supplied to OC_API::register()
* @return bool
*/
private function isAuthorised($action){
private static function isAuthorised($action){
$level = $action['authlevel'];
switch($level){
case OC_API::GUEST_AUTH:
@ -123,13 +123,25 @@ class OC_API {
break;
case OC_API::USER_AUTH:
// User required
// Check url for username and password
return self::loginUser();
break;
case OC_API::SUBADMIN_AUTH:
// Check for subadmin
$user = self::loginUser();
if(!$user){
return false;
} else {
return OC_SubAdmin::isSubAdmin($user);
}
break;
case OC_API::ADMIN_AUTH:
// Check for admin
$user = self::loginUser();
if(!$user){
return false;
} else {
return OC_Group::inGroup($user, 'admin');
}
break;
default:
// oops looks like invalid level supplied
@ -139,11 +151,13 @@ class OC_API {
}
/**
* gets login details from url and logs in the user
* @return bool
* http basic auth
* @return string|false (username, or false on failure)
*/
public function loginUser(){
// Todo
private static function loginUser(){
$authuser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
$authpw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
return OC_User::login($authuser, $authpw) ? $authuser : false;
}
/**
@ -222,17 +236,6 @@ class OC_API {
$writer->writeElement($k, $v);
}
}
}
/**
* check if the user is authenticated
*/
public static function checkLoggedIn(){
// Check OAuth
if(!OC_OAuth_Server::isAuthorised()){
OC_Response::setStatus(401);
die();
}
}
}