summaryrefslogtreecommitdiffstats
path: root/application/models
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2014-02-21 23:24:01 +0100
committerFlorian Pritz <bluewind@xinu.at>2014-02-21 23:24:01 +0100
commit5919c771e9cf3c3edfc62dfb1ac6bddf1cfc9732 (patch)
treec774ace3303c3dd4c232f49136118014271e2ca2 /application/models
parentaea9987a38715da82291f87129b1a3047e5c9849 (diff)
Implement multiple access levels for api keys
This allows to use an api key to write a completly standalone client. Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/models')
-rw-r--r--application/models/muser.php19
1 files changed, 12 insertions, 7 deletions
diff --git a/application/models/muser.php b/application/models/muser.php
index 7a3627b18..a1d8f18e5 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -11,6 +11,9 @@ class Muser extends CI_Model {
private $default_upload_id_limits = "3-6";
+ // last level has the most access
+ private $access_levels = array("basic", "apikey", "full");
+
function __construct()
{
parent::__construct();
@@ -95,7 +98,7 @@ class Muser extends CI_Model {
$apikey = trim($apikey);
$query = $this->db->query("
- SELECT a.user userid
+ SELECT a.user userid, a.access_level
FROM apikeys a
WHERE a.key = ?
", array($apikey))->row_array();
@@ -105,7 +108,7 @@ class Muser extends CI_Model {
'logged_in' => true,
'username' => '',
'userid' => $query["userid"],
- 'access_level' => 'apikey',
+ 'access_level' => $query["access_level"],
));
return true;
}
@@ -145,15 +148,17 @@ class Muser extends CI_Model {
return $this->duser->get_email($userid);
}
+ public function get_access_levels()
+ {
+ return $this->access_levels;
+ }
+
private function check_access_level($wanted_level)
{
$session_level = $this->session->userdata("access_level");
- // last level has the most access
- $levels = array("apikey", "full");
-
- $wanted = array_search($wanted_level, $levels);
- $have = array_search($session_level, $levels);
+ $wanted = array_search($wanted_level, $this->access_levels);
+ $have = array_search($session_level, $this->access_levels);
if ($wanted === false || $have === false) {
show_error("Failed to determine access level");