-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add file upload resource #79
Conversation
@mateu-aguilo-bosch any idea how to write tests for this? :) |
To enable feature: To allow anonymous users to upload: |
* | ||
* @return bool | ||
*/ | ||
function restful_file_upload_access() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mateu-aguilo-bosch just confirming this logic looks ok to you.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it would be better to have an authorizer manager (for the request level access, not the entity level) that it's instantiated from a restful-level generic menu access callback. That would simplify testing for user access to hook_menu generated items.
Something like:
function hook_menu() {
$items['…'] = array(
…
'access callback' => 'restful_menu_access_authorization',
…
);
$items['…']['access arguments'] = $items['…']['page arguments'] + array('custom option1', 'custom option2');
return $items;
}
…
function restful_menu_access_authorization($plugin_type, $version) {
$additional_args = array_slice(2, func_get_args());
$authorizerManager = \RestfulBase::authorizerManager($plugin_type, $version, $additional_args);
return $authorizerManager->authorize();
}
I prefer to get this in, as figuring out the tests might take some time - we can deal with that in a follow up. Merged. |
👍 Let's open a new issue then. |
Opened #88 |
return user_access('bypass file access') || user_access('create files'); | ||
} | ||
|
||
return variable_get('restful_file_upload_allow_anonymous_user', FALSE) || $user->uid; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we can do this instead to have return type consistency:
return variable_get('restful_file_upload_allow_anonymous_user', FALSE) || !!$user->uid;
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
meh, it's already working :)
#56