Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
- require_once 'clients/mobile/api/OAuth2MobileApi.php';
- /**
- * Example of how to override the core OAuth2MobileApi class in order to alter SugarCRM Mobile authentication behavior
- **/
- class RestrictedOAuth2MobileApi extends OAuth2MobileApi {
- /**
- *
- * By overriding the token function, we can show an example of how to restrict user access to Sugar 7 via Mobile clients/devices.
- *
- * @param ServiceBase $api The service api
- * @param array $args The arguments passed in to the function
- * @throws SugarApiExceptionNotAuthorized If user is not allowed or not using a supported mobile client
- * @return array Access token if login successful
- */
- public function token(ServiceBase $api, array $args)
- {
- global $current_user;
- /**
- * $args['client_info'] contains information about the client being used
- *
- * For example,
- * ['client_info']['app'] is an array of information about the SugarCRM Mobile app itself (app name, app version, if it's native or not, etc.)
- * ['client_info']['browser'] is an array of information about the web browser being used (web kit enabled, user agent string, etc.)
- * ['client_info']['device'] is an array of booleans ('desktop', 'phone', and 'tablet') for the type of device being used
- *
- **/
- // No tablets! (for some reason.)
- if($args['client_info']['device']['tablet']){
- throw new SugarApiExceptionNotAuthorized();
- }
- // continue to perform login as we normally would, we need to do this in order to collect $current_user id
- $authData = parent::token($api, $args);
- // This is a valid user, but we then need to check if they are on a Restricted role
- $roles = ACLRole::getUserRoleNames($current_user->id);
- // If user is in a Restricted role...
- if (in_array('Restricted', $roles)) {
- //Log user back out to cleanup session
- parent::logout($api, $args);
- //And throw Not Authorized exception.
- throw new SugarApiExceptionNotAuthorized();
- }
- return $authData;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement