
Untitled

a guest
Jul 7th, 2015
  1. <?php
  2. if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
  3.  
  4. require_once 'clients/mobile/api/OAuth2MobileApi.php';
  5.  
  6. /**
  7. * Example of how to override the core OAuth2MobileApi class in order to alter SugarCRM Mobile authentication behavior
  8. **/
  9. class RestrictedOAuth2MobileApi extends OAuth2MobileApi {
  10.  
  11. /**
  12. *
  13. * By overriding the token function, we can show an example of how to restrict user access to Sugar 7 via Mobile clients/devices.
  14. *
  15. * @param ServiceBase $api The service api
  16. * @param array $args The arguments passed in to the function
  17. * @throws SugarApiExceptionNotAuthorized If user is not allowed or not using a supported mobile client
  18. * @return array Access token if login successful
  19. */
  20. public function token(ServiceBase $api, array $args)
  21. {
  22. global $current_user;
  23.  
  24. /**
  25. * $args['client_info'] contains information about the client being used
  26. *
  27. * For example,
  28. * ['client_info']['app'] is an array of information about the SugarCRM Mobile app itself (app name, app version, if it's native or not, etc.)
  29. * ['client_info']['browser'] is an array of information about the web browser being used (web kit enabled, user agent string, etc.)
  30. * ['client_info']['device'] is an array of booleans ('desktop', 'phone', and 'tablet') for the type of device being used
  31. *
  32. **/
  33.  
  34. // No tablets! (for some reason.)
  35. if($args['client_info']['device']['tablet']){
  36. throw new SugarApiExceptionNotAuthorized();
  37. }
  38.  
  39. // continue to perform login as we normally would, we need to do this in order to collect $current_user id
  40. $authData = parent::token($api, $args);
  41.  
  42. // This is a valid user, but we then need to check if they are on a Restricted role
  43. $roles = ACLRole::getUserRoleNames($current_user->id);
  44. // If user is in a Restricted role...
  45. if (in_array('Restricted', $roles)) {
  46. //Log user back out to cleanup session
  47. parent::logout($api, $args);
  48. //And throw Not Authorized exception.
  49. throw new SugarApiExceptionNotAuthorized();
  50. }
  51. return $authData;
  52. }
  53.  
  54.  
  55. }