public function Api::validatePurgeToken in Fastly 8.3
Used to validate an API Token's scope for purging capabilities.
Return value
bool FALSE if any corrupt data is passed or token is inadequate for purging.
1 call to Api::validatePurgeToken()
- Api::validatePurgeCredentials in src/Api.php - Used to validate API token for purge related scope.
File
- src/Api.php, line 199
Class
- Api
- Fastly API for Drupal.
Namespace
Drupal\fastly
Code
public function validatePurgeToken() {
  try {
    $token = $this->getToken();
    if (!empty($token->scopes)) {
      // GET /tokens/self will return scopes for the passed token, but that
      // alone is not enough to know if a token can perform purge actions.
      // Global scope tokens require the engineer or superuser role.
      $potentially_valid_purge_scopes = 'global';
      // Purge tokens require both purge_all and purge_select.
      $valid_purge_scopes = [
        'purge_all',
        'purge_select',
      ];
      if (array_intersect($valid_purge_scopes, $token->scopes) === $valid_purge_scopes) {
        return TRUE;
      }
      elseif (in_array($potentially_valid_purge_scopes, $token->scopes, TRUE)) {
        try {
          $current_user = $this->getCurrentUser();
          if (!empty($current_user->role)) {
            if ($current_user->role === 'engineer' || $current_user->role === 'superuser') {
              return TRUE;
            }
            elseif ($current_user->role === 'billing' || $current_user->role === 'user') {
              return FALSE;
            }
            else {
              return FALSE;
            }
          }
          else {
            return FALSE;
          }
        } catch (\Exception $e) {
          return FALSE;
        }
      }
      else {
        return FALSE;
      }
    }
    else {
      return FALSE;
    }
  } catch (\Exception $e) {
    return FALSE;
  }
}