We're trying to determine the best way to return 403 for authenticated users and 401 for unauthenticated users in services.runtime.inc when an access callback fails. We can change line 148 to the code below, but I'd prefer to come up with a solution where we could create a patch and not hack the services core. I know we need to take other authentication methods into consideration, but don't know enough about services to say what would be best. Maybe we could set a variable in the $endpoint->authentication loop and a failed access callback would check that variable or the $user->uid to confirm authentication. Thoughts?
if (call_user_func_array($controller['access callback'], $access_arguments) != TRUE) {
$response_code = $user->uid == 0 ? 401 : 403;
return services_error(t('Access denied for user @user', array(
'@user' => isset($user->name) ? $user->name : 'anonymous',
)), $response_code);
}
Comments
Comment #1
ygerasimov commentedYou can use hook_rest_server_execute_errors_alter for that. It will allow to alter error messages right before delivering.
I have updated documentation about this hook.
Comment #2
andyg5000Sorry for reopening, but I want to be able to alter the 401/403 not the message itself. It looks like the response code is hard coded in the runtime file. Let me know if I'm missing something here.
Comment #3
ygerasimov commented@andyg5000 Yes you are right. Looks like we can alter the message but not the code / status code.
We need to have later hook in RESTServer::handleException before the headers are sent. I will work on this and advise.
Comment #4
ygerasimov commentedHere is a patch allowing to alter both status message returned in headers and body of the answer. Please check updated documentation as well.
Comment #5
ygerasimov commentedUpdate patch to eliminate indentation problem.
Comment #6
andyg5000man you're fast! Thanks!
Comment #7
kylebrowning commentedCan we get an example in the documentation instead of just the function name?
Comment #8
ygerasimov commentedHere is it.
Comment #9
kylebrowning commentedThank you. Looks good.
Comment #10
ygerasimov commentedCommitted. Thanks!