mti
/
ptut-vhost
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add fiche download auth check

This commit is contained in:
Unknown 2018-05-10 15:43:02 +02:00
parent e9579c8956
commit a745daa506
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
build/api/module/professor/pdfController.php
View File

@ -22,9 +22,17 @@ class pdfController{
* @return download<File> The PDF fiche * @return download<File> The PDF fiche
---------------------------------------------------------*/ ---------------------------------------------------------*/
public static function get($args){ public static function get($args){
$prof_id = -1; $prof_id = -1;
extract($args); extract($args);
if(!$_SESSION["CAS"]["admin"] && $_SESSION["CAS"]["id"] != $prof_id){
return [
'headers' => ["Content-Type" => "text/html"],
'body' => "Unauthorized access"
];
}
/* (0) Initialize /* (0) Initialize
---------------------------------------------------------*/ ---------------------------------------------------------*/
/* (1) Initialize data structure */ /* (1) Initialize data structure */

2
config/modules.json
View File

@ -260,7 +260,7 @@
"GET": { "GET": {
"des": "Get a professor's fiche", "des": "Get a professor's fiche",
"per": [["cas_admin"]], "per": [["cas_admin"],["cas_user"]],
"par": { "par": {
"URL0": { "des": "Optional professor UID.", "typ": "id", "ren": "prof_id" } "URL0": { "des": "Optional professor UID.", "typ": "id", "ren": "prof_id" }
}, },