diff options
Diffstat (limited to 'modules/gallery/helpers/items_rest.php')
| -rw-r--r-- | modules/gallery/helpers/items_rest.php | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/modules/gallery/helpers/items_rest.php b/modules/gallery/helpers/items_rest.php index 05ca65cf..48839dc9 100644 --- a/modules/gallery/helpers/items_rest.php +++ b/modules/gallery/helpers/items_rest.php @@ -19,10 +19,12 @@ */ class items_rest_Core { static function get($request) { + $parent = rest::resolve($request->url); + access::required("view", $parent); $items = array(); if (isset($request->params->url)) { - foreach($request->params->url as $url) { + foreach ($request->params->url as $url) { $item = rest::resolve($url); if (access::can("view", $item)) { $members = array(); @@ -41,4 +43,12 @@ class items_rest_Core { return $items; } + + static function resolve($id) { + $item = ORM::factory("item", $id); + if (!access::can("view", $item)) { + throw new Kohana_404_Exception(); + } + return $item; + } } |