Barebone setup@1 > fixed: api.core.AuthSystemDefault (manages default main permissions + custom permissions in the array $_SESSION['PERM'])
parent
8371ea89b8
commit
ab0808d4c5
|
@ -82,66 +82,22 @@
|
|||
|
||||
/* [2] Si authentification token -> ADMIN
|
||||
=========================================================*/
|
||||
if( self::auth_level() >= 1 ){
|
||||
if( self::auth_level() == 2 ){
|
||||
|
||||
$checkRoot = new Repo('warehouse/getByToken', [ $_SESSION['AUTH'][0] ]);
|
||||
|
||||
/* (1) Si le token n'existe pas, on retourne une erreur */
|
||||
if( $checkRoot->answer() == false )
|
||||
return false;
|
||||
|
||||
/* (2) On met à jour les informations de l'entrepot */
|
||||
$_SESSION['WAREHOUSE'] = [
|
||||
'id' => (int) $checkRoot->answer()[0]['id_warehouse'],
|
||||
'name' => $checkRoot->answer()[0]['name'],
|
||||
'theme' => '#'.$checkRoot->answer()[0]['theme']
|
||||
];
|
||||
|
||||
/* (3) On récupère les modules de l'entrepot */
|
||||
$getModules = new Repo('warehouse/getModules', [ $_SESSION['WAREHOUSE']['id'] ]);
|
||||
|
||||
$_SESSION['WAREHOUSE']['modules'] = $getModules->answer();
|
||||
// TODO: implement ADMIN database auth. check
|
||||
// + set $_SESSION['ADMIN']
|
||||
// + return FALSE on error
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* [3] Si authentification token -> USER
|
||||
=========================================================*/
|
||||
if( self::auth_level() == 2 ){
|
||||
|
||||
$checkBranch = new Repo('admin/getByToken', [ $_SESSION['WAREHOUSE']['id'], $_SESSION['AUTH'][1] ]);
|
||||
|
||||
/* (1) Si le token n'existe pas, on retourne une erreur */
|
||||
if( $checkBranch->answer() == false )
|
||||
return false;
|
||||
|
||||
/* (2) On met à jour les informations de l'administrateur */
|
||||
$_SESSION['ADMIN'] = [
|
||||
'id' => (int) $checkBranch->answer()['id_admin'],
|
||||
'username' => $checkBranch->answer()['username'],
|
||||
'mail' => $checkBranch->answer()['mail']
|
||||
];
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* [4] Si authentification triple -> WAREHOUSE + SATS_token + SATS_nexttoken
|
||||
=========================================================*/
|
||||
if( self::auth_level() == 3 ){
|
||||
|
||||
|
||||
$checkBranch = new Repo('machine/checkToken', [ $_SESSION['WAREHOUSE']['id'], $_SESSION['AUTH'][1], $_SESSION['AUTH'][2] ]);
|
||||
|
||||
/* (1) Si le token n'est pas valide, on retourne une erreur */
|
||||
if( $checkBranch->answer() === false )
|
||||
return false;
|
||||
|
||||
/* (2) On met à jour les informations de l'administrateur */
|
||||
$_SESSION['SATS'] = [
|
||||
'id' => (int) $checkBranch->answer()
|
||||
];
|
||||
if( self::auth_level() == 1 ){
|
||||
|
||||
// TODO: implement USER database auth. check
|
||||
// + set $_SESSION['USER']
|
||||
// + return FALSE on error
|
||||
|
||||
}
|
||||
|
||||
|
@ -232,12 +188,20 @@
|
|||
if( in_array('user', $expected) && ( self::auth_level() < 1 || !isset($_SESSION['USER']['id']) ) )
|
||||
return Err::PermissionError;
|
||||
|
||||
/* (3) On retire 'admin', et 'user' de @expected
|
||||
---------------------------------------------------------*/
|
||||
$adminIndex = array_search('admin', $expected);
|
||||
$userIndex = array_search('user', $expected);
|
||||
if( is_int($adminIndex) ) unset($expected[$adminIndex]);
|
||||
if( is_int($userIndex) ) unset($expected[$userIndex]);
|
||||
|
||||
/* [2] Gestion des permissions
|
||||
|
||||
/* [2] Gestion des permissions CUSTOM
|
||||
=========================================================*/
|
||||
|
||||
/* (1) Vérification de toutes les permissions requises */
|
||||
foreach($expected as $permission)
|
||||
|
||||
// Si il manque au minimum une permission, on retourne FALSE
|
||||
if( !in_array($permission, $_SESSION['PERM']) )
|
||||
return Err::PermissionError;
|
||||
|
|
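Review bot: The custom-permission loop at the end of the second hunk uses loose `in_array` and reads `$_SESSION['PERM']` without checking that it is set and is an array. With loose comparison a stored `true` (or, before PHP 8, a stored `0`) in that array matches any required permission string, and on PHP 8 an unset `$_SESSION['PERM']` raises a TypeError instead of returning `Err::PermissionError`. I would write the test as `if( !isset($_SESSION['PERM']) || !is_array($_SESSION['PERM']) || !in_array($permission, $_SESSION['PERM'], true) ) return Err::PermissionError;` and pass `true` as the third argument to the two `array_search` calls above it. Since `'admin'` and `'user'` are removed from `$expected` before the loop, this array is the only gate for custom permissions, so a short comment saying where `$_SESSION['PERM']` is populated would help. The page has lost its +/- markers, so this assumes the `array_search` and `foreach` lines are the added side; the enclosing function starts and ends outside the hunk.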