<?php
namespace app\core\auth;
use app\core\auth\User as UserAuth;
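/**
 * Role and privilege bootstrap plus the per-action authorization check.
 *
 * Role ids and privilege maps are published through the BO_USER_ROLES and
 * USER_PRIVS constants, so once defined they cannot change for the rest of
 * the request.
 */
class Page {

    /**
     * Load the back-office role ids and publish them as BO_USER_ROLES.
     *
     * @return void
     */
    public static function initBOUserRoles() {
        // Get CodeIgniter instance
        $CI =& get_instance();

        $CI->load->model('UserRole');

        $userRoles = $CI->UserRole->allBORoles();
        $roles = [];
        foreach ($userRoles as $key) {
            $roles[] = $key['role_id'];
        }

        define('BO_USER_ROLES', $roles);
    }

    /**
     * Publish the privilege map as USER_PRIVS, keyed by role id.
     *
     * With a logged-in user only that user's role is loaded; without one,
     * the privileges of every role are loaded. The constant is always an
     * array, and a role whose stored privileges are missing or not valid
     * JSON gets an empty list, so authorize() denies instead of failing.
     *
     * @return void
     */
    public static function initUserPrivileges() {
        // Get CodeIgniter instance
        $CI =& get_instance();

        $CI->load->model('UserRole');

        $loggedIn = UserAuth::auth();

        $role_id = $loggedIn['role_id'] ?? null;

        // Start from an empty map: the original left this undefined when
        // allRolePriveleges() returned no rows, defining USER_PRIVS as null.
        $user_privs = [];

        if ($role_id !== null) {
            $row = $CI->UserRole->roleHasPrivelege($role_id);
            $user_privs[$role_id] = self::decodePrivs($row['privs'] ?? null);
        } else {
            $all_user_privs = $CI->UserRole->allRolePriveleges();
            foreach ($all_user_privs as $row) {
                $user_privs[$row['role_id']] = self::decodePrivs($row['privs'] ?? null);
            }
        }

        define('USER_PRIVS', $user_privs);
    }

    /**
     * Checks if the logged-in user's role may perform an action on a page.
     *
     * Every deny path returns false (or ends in show_404() when requested),
     * so callers can compare the result strictly as well as by truthiness.
     *
     * @param  string  $page_code section where the action will be performed
     * @param  int     $action    priv code
     * @param  boolean $show404   show 404 page or not if action is not authorized
     * @return boolean true when authorized, false otherwise
     */
    public static function authorize($page_code, $action, $show404 = false) {
        // Get CodeIgniter instance
        $CI =& get_instance();

        $loggedIn = UserAuth::auth();

        $role_id = $loggedIn['role_id'] ?? null;
        // Loose comparison kept: it also rejects 0, '' and false as "no role",
        // which keeps this check fail-closed.
        if ($role_id == null) return false;

        if (defined('USER_PRIVS')) {
            // A role or page with no entry means "no privileges", not an error.
            $allowed = USER_PRIVS[$role_id][$page_code] ?? [];

            // NOTE(review): in_array() is loose here. Before PHP 8 a
            // non-numeric string $action compares equal to a stored 0.
            // Switch to strict mode once the stored privilege codes and the
            // callers' $action values are confirmed to share one type.
            if (is_array($allowed) && in_array($action, $allowed)) {
                return true;
            }
        }

        // This is needed when BO User is accessing FO page (login-non-required)
        // The comparison must be strict: segment(1, 0) yields int 0 when the
        // URI has no first segment, and 0 == 'event_details' is true before
        // PHP 8, which would authorize a BO user for any action on such a URI.
        // NOTE(review): this branch ignores $page_code and $action entirely;
        // confirm that is intended for every caller.
        if (UserAuth::isBOUser() && $CI->uri->segment(1, 0) === 'event_details') {
            return true;
        }

        if ($show404) show_404();

        return false;
    }

    /* Execute only once */
    /**
     * Replace the stored privileges of every role in USER_ROLES with the
     * defaults from DEF_USER_PRIVS, then emit a JSON confirmation.
     *
     * NOTE(review): this deletes and rewrites privilege data and performs no
     * authorization check of its own; confirm that whatever calls it is
     * restricted to administrators or to the command line.
     * NOTE(review): the delete and the store are separate calls with no
     * visible transaction, and a role missing from DEF_USER_PRIVS is stored
     * as the JSON string "null"; verify both against the UserRole model.
     *
     * @return void
     */
    public static function reinitializeDefaultPrivileges() {
        // Get CodeIgniter instance
        $CI =& get_instance();

        $CI->load->model('UserRole');

        foreach (USER_ROLES as $role => $role_id) {
            /* Delete current privileges */
            $CI->UserRole->deleteUserRolePrivs($role_id);

            /* Save privileges as json string */
            $privs = json_encode(DEF_USER_PRIVS[$role_id]);
            $CI->UserRole->storeUserRolePrivs($role_id, $privs);
        }

        output_to_json($CI, "Done reinitializing default privileges");
    }

    /**
     * Decode a stored privilege JSON string into an array.
     *
     * @param  mixed $json raw value of the privs column
     * @return array decoded privileges, or an empty array when the value is
     *               missing, empty, or does not decode to an array
     */
    private static function decodePrivs($json) {
        if (!is_string($json) || $json === '') {
            return [];
        }

        $decoded = json_decode($json, true);

        return is_array($decoded) ? $decoded : [];
    }
}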