diff options
author | Simon Rettberg | 2018-02-09 16:13:17 +0100 |
---|---|---|
committer | Simon Rettberg | 2018-02-09 16:13:17 +0100 |
commit | cfa60bc6dc68699efb74342ead37865c074bc66a (patch) | |
tree | 6cb784505789838ddc3c470d1260ad3f651e3bf0 /inc/user.inc.php | |
parent | Merge branch 'master' into permission-manager (diff) | |
download | slx-admin-cfa60bc6dc68699efb74342ead37865c074bc66a.tar.gz slx-admin-cfa60bc6dc68699efb74342ead37865c074bc66a.tar.xz slx-admin-cfa60bc6dc68699efb74342ead37865c074bc66a.zip |
Permissions: Introduce helper functions for common tasks
assertPermission ensures the user has a given permission and
halts execution otherwise.
addGlobalTags is a helper to fill an array for the rendering
process with tags associated with (missing) permissions.
Diffstat (limited to 'inc/user.inc.php')
-rw-r--r-- | inc/user.inc.php | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php index b5a364ee..eee4f883 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -31,8 +31,12 @@ class User if (!self::isLoggedIn()) return false; if (Module::isAvailable("permissionmanager")) { - $module = Page::getModule(); - $permission = $module ? $module->getIdentifier().".".$permission : $permission; + if ($permission{0} === '.') { + $permission = substr($permission, 1); + } else { + $module = Page::getModule(); + $permission = $module ? $module->getIdentifier() . "." . $permission : $permission; + } return PermissionUtil::userHasPermission(self::$user['userid'], $permission, $locationid); } if (self::$user['permissions'] & Permission::get('superadmin')) @@ -40,8 +44,29 @@ class User return (self::$user['permissions'] & Permission::get($permission)) != 0; } + /** + * Confirm current user has the given permission, stop execution and show error message + * otherwise. + * @param string $permission Permission to check for + * @param null|int $locationid location this permission has to apply to, NULL if any location is sufficient + * @param null|string $redirect page to redirect to if permission is not given, NULL defaults to main page + */ + public static function assertPermission($permission, $locationid = NULL, $redirect = NULL) + { + if (User::hasPermission($permission, $locationid)) + return; + Message::addError('main.no-permission'); + if (is_null($redirect)) { + Util::redirect('?do=main'); + } else { + Util::redirect($redirect); + } + } + public static function getAllowedLocations($permission) { + if (!self::isLoggedIn()) + return []; if (Module::isAvailable("permissionmanager")) { $module = Page::getModule(); $permission = $module ? $module->getIdentifier().".".$permission : $permission; |