diff options
Diffstat (limited to 'modules/gallery/helpers/items_rest.php')
| -rw-r--r-- | modules/gallery/helpers/items_rest.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/modules/gallery/helpers/items_rest.php b/modules/gallery/helpers/items_rest.php index 5d8e80b2..37ebb088 100644 --- a/modules/gallery/helpers/items_rest.php +++ b/modules/gallery/helpers/items_rest.php @@ -19,6 +19,8 @@ */ class items_rest_Core { static function get($request) { + $parent = rest::resolve($request->url); + access::required("view", $parent); $items = array(); if (isset($request->params->url)) { @@ -42,4 +44,12 @@ class items_rest_Core { return $items; } + + static function resolve($id) { + $item = ORM::factory("item", $id); + if (!access::can("view", $item)) { + throw new Kohana_404_Exception(); + } + return $item; + } } |