Initial commit for update to ACL for REST module; NEEDS TESTING

airtime_mvc/application/configs/ACL.php

@@ -29,7 +29,10 @@ $ccAcl->add(new Zend_Acl_Resource('library'))
       ->add(new Zend_Acl_Resource('audiopreview'))
       ->add(new Zend_Acl_Resource('webstream'))
       ->add(new Zend_Acl_Resource('locale'))
-      ->add(new Zend_Acl_Resource('upgrade'));
+      ->add(new Zend_Acl_Resource('upgrade'))
+      ->add(new Zend_Acl_Resource('downgrade'))
+      ->add(new Zend_Acl_Resource('rest:media'))
+      ->add(new Zend_Acl_Resource('billing'));
 
 /** Creating permissions */
 $ccAcl->allow('G', 'index')
@@ -44,6 +47,8 @@ $ccAcl->allow('G', 'index')
       ->allow('G', 'webstream')
       ->allow('G', 'locale')
       ->allow('G', 'upgrade')
+      ->allow('G', 'downgrade')
+      ->allow('G', 'rest:media')
       ->allow('H', 'preference', 'is-import-in-progress')
       ->allow('H', 'usersettings')
       ->allow('H', 'plupload')

airtime_mvc/application/controllers/plugins/Acl_plugin.php

@@ -113,11 +113,6 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
 
         //Ignore authentication for all access to the rest API. We do auth via API keys for this
         //and/or by OAuth.
-        if (strtolower($request->getModuleName()) == "rest")
-        {
-            return;
-        }
-
         if (in_array($controller, array("api", "auth", "locale", "upgrade"))) {
             $this->setRoleName("G");
         } elseif (!Zend_Auth::getInstance()->hasIdentity()) {