The access check module #23

merged 8 commits into from Oct 4, 2011


None yet
2 participants

dhoffend commented Sep 22, 2011

This module makes use of keyType + accessMask ans throws PhealAccessException if the keyInfo doesn't allow a specific call.

you can either manually specify your keyinfo via

$pheal->setAccess($keyType, $accessMask)

or detect it automatically via an external API call to account/APIKeyInfo.xml.aspx

try {
// error handling
catch( ... ) { ... } 

If enabled Pheal will automatically throw a PhealAccessException and don't execute the remote API call to lower the amount of invalid API calls that might get you banned.

dhoffend added some commits Sep 16, 2011

@dhoffend dhoffend Added experimental version of an access check module by providing key…
…Type + accessMask when creating a Pheal Object. Pheal will throw an PhealAccessException when a access violations has been detected. No api call will be made to avoid doing non-permitted calls to ccp's api server
@dhoffend dhoffend * Updated Access Check Module. keyType/accessMask will be set on Modu…
…le Level not in the Main Object to keep the default Pheal Object clean.

* AccessCheck will only be done on API Calls with given API Key.
* Updated README

@dhoffend dhoffend commented on an outdated diff Sep 22, 2011

@@ -212,6 +212,37 @@ Atm, the custom key support is still in testing (use https://apitest.eveonline.c
echo 'error: ' . $e->code . ' message: ' . $e->getMessage();
+### Customizable API Keys - Access Check
+This config options allows you to verify the call for a given accessLevel before any
+external API request leaves your software. This is useful to prevent generating api
+errors before you get banned cause of too many api errors.
+Pheal will throw an PhealAccessExcption so you can react on and api level errors.
+ require_once "Pheal/Pheal.php";
+ spl_autoload_register("Pheal::classload");
+ PhealConfig::getInstance()->api_base = '';
+ PhealConfig::getInstance()->api_customkeys = true;
+ PhealConfig::getInstance()->access = new PhealCheckAccess();
+ // fetch keyID, vCode, keyType, accessMask from your KeyStorage (DB)
+ PhealConfig::getInstance()->access->set($keyType, $accessMask);

dhoffend Sep 22, 2011


I'm not sure if this is the best way.

IMO the keyType/accessMask are keyspecific values and should belong into the main Pheal Object and not in a common external module. But it's up to Peter if we wanna change the Pheal::__construct or add another public method like setAccess($keyType, $accessMask) to the Pheal object.

This is up for discussion


ppetermann commented Oct 4, 2011

i agree, it belongs to the main Pheal Object, doing it through the
config would cause problems when you run several Pheal instances.

in your pull request you put it in the constructor, while that works, i'd rather see it in the variant with setAccess(),

best regards,

dhoffend added some commits Oct 4, 2011

@dhoffend dhoffend moved setAccess into the main Pheal object. You can now set your keyT…
…ype/accessMask via $pheal->setAccess($type,$mask). Make sure to enable AccessCheck via PhealConfig access object
@dhoffend dhoffend added detectAccess() which autodetects and set the the keyinfo/access…
…mask via api call to prevent invalid calls.
@dhoffend dhoffend fixed keyinfo usage in detectAccess() d242fbc

dhoffend commented Oct 4, 2011

Changes are in, I also added a detectAccess() method that fetches the API Key Info and set the correct KeyType and AccessMask, if you don't have your keyInfo already stored in your database.

@ppetermann ppetermann added a commit that referenced this pull request Oct 4, 2011

@ppetermann ppetermann Merge pull request #23 from Wollari/master
The access check module

@ppetermann ppetermann merged commit 0fbe864 into ppetermann:master Oct 4, 2011

@dhoffend dhoffend pushed a commit to dhoffend/pheal that referenced this pull request Feb 15, 2012

@ppetermann ppetermann Merge pull request #23 from Wollari/master
The access check module
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment