diff options
Diffstat (limited to 'modules/gallery')
| -rw-r--r-- | modules/gallery/helpers/items_rest.php | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/modules/gallery/helpers/items_rest.php b/modules/gallery/helpers/items_rest.php index 5d8e80b2..ab2fe927 100644 --- a/modules/gallery/helpers/items_rest.php +++ b/modules/gallery/helpers/items_rest.php @@ -19,6 +19,8 @@ */ class items_rest_Core { static function get($request) { + $parent = rest::resolve($request->url); + access::required("view", $parent); $items = array(); if (isset($request->params->url)) { @@ -27,7 +29,7 @@ class items_rest_Core { if (access::can("view", $item)) { $item_rest = array("url" => $url, "entity" => $item->as_restful_array(), - "relationship" => rest::relationships("item", $item)); + "relationships" => rest::relationships("item", $item)); if ($item->type == "album") { $members = array(); foreach ($item->children() as $child) { @@ -42,4 +44,12 @@ class items_rest_Core { return $items; } + + static function resolve($id) { + $item = ORM::factory("item", $id); + if (!access::can("view", $item)) { + throw new Kohana_404_Exception(); + } + return $item; + } } |