Barebone setup@1 > fixed: api.core.AuthSystemDefault (manages default main permissions + custom permissions in the array $_SESSION['PERM'])
This commit is contained in:
xdrm-brackets
parent
8371ea89b8
commit
ab0808d4c5
|
|
@ -82,66 +82,22 @@
|
||||||
|
|
||||||
/* [2] Si authentification token -> ADMIN
|
/* [2] Si authentification token -> ADMIN
|
||||||
=========================================================*/
|
=========================================================*/
|
||||||
if( self::auth_level() >= 1 ){
|
if( self::auth_level() == 2 ){
|
||||||
|
|
||||||
$checkRoot = new Repo('warehouse/getByToken', [ $_SESSION['AUTH'][0] ]);
|
// TODO: implement ADMIN database auth. check
|
||||||
|
// + set $_SESSION['ADMIN']
|
||||||
/* (1) Si le token n'existe pas, on retourne une erreur */
|
// + return FALSE on error
|
||||||
if( $checkRoot->answer() == false )
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* (2) On met à jour les informations de l'entrepot */
|
|
||||||
$_SESSION['WAREHOUSE'] = [
|
|
||||||
'id' => (int) $checkRoot->answer()[0]['id_warehouse'],
|
|
||||||
'name' => $checkRoot->answer()[0]['name'],
|
|
||||||
'theme' => '#'.$checkRoot->answer()[0]['theme']
|
|
||||||
];
|
|
||||||
|
|
||||||
/* (3) On récupère les modules de l'entrepot */
|
|
||||||
$getModules = new Repo('warehouse/getModules', [ $_SESSION['WAREHOUSE']['id'] ]);
|
|
||||||
|
|
||||||
$_SESSION['WAREHOUSE']['modules'] = $getModules->answer();
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* [3] Si authentification token -> USER
|
/* [3] Si authentification token -> USER
|
||||||
=========================================================*/
|
=========================================================*/
|
||||||
if( self::auth_level() == 2 ){
|
if( self::auth_level() == 1 ){
|
||||||
|
|
||||||
$checkBranch = new Repo('admin/getByToken', [ $_SESSION['WAREHOUSE']['id'], $_SESSION['AUTH'][1] ]);
|
|
||||||
|
|
||||||
/* (1) Si le token n'existe pas, on retourne une erreur */
|
|
||||||
if( $checkBranch->answer() == false )
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* (2) On met à jour les informations de l'administrateur */
|
|
||||||
$_SESSION['ADMIN'] = [
|
|
||||||
'id' => (int) $checkBranch->answer()['id_admin'],
|
|
||||||
'username' => $checkBranch->answer()['username'],
|
|
||||||
'mail' => $checkBranch->answer()['mail']
|
|
||||||
];
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/* [4] Si authentification triple -> WAREHOUSE + SATS_token + SATS_nexttoken
|
|
||||||
=========================================================*/
|
|
||||||
if( self::auth_level() == 3 ){
|
|
||||||
|
|
||||||
|
|
||||||
$checkBranch = new Repo('machine/checkToken', [ $_SESSION['WAREHOUSE']['id'], $_SESSION['AUTH'][1], $_SESSION['AUTH'][2] ]);
|
|
||||||
|
|
||||||
/* (1) Si le token n'est pas valide, on retourne une erreur */
|
|
||||||
if( $checkBranch->answer() === false )
|
|
||||||
return false;
|
|
||||||
|
|
||||||
/* (2) On met à jour les informations de l'administrateur */
|
|
||||||
$_SESSION['SATS'] = [
|
|
||||||
'id' => (int) $checkBranch->answer()
|
|
||||||
];
|
|
||||||
|
|
||||||
|
// TODO: implement USER database auth. check
|
||||||
|
// + set $_SESSION['USER']
|
||||||
|
// + return FALSE on error
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -232,12 +188,20 @@
|
||||||
if( in_array('user', $expected) && ( self::auth_level() < 1 || !isset($_SESSION['USER']['id']) ) )
|
if( in_array('user', $expected) && ( self::auth_level() < 1 || !isset($_SESSION['USER']['id']) ) )
|
||||||
return Err::PermissionError;
|
return Err::PermissionError;
|
||||||
|
|
||||||
|
/* (3) On retire 'admin', et 'user' de @expected
|
||||||
|
---------------------------------------------------------*/
|
||||||
|
$adminIndex = array_search('admin', $expected);
|
||||||
|
$userIndex = array_search('user', $expected);
|
||||||
|
if( is_int($adminIndex) ) unset($expected[$adminIndex]);
|
||||||
|
if( is_int($userIndex) ) unset($expected[$userIndex]);
|
||||||
|
|
||||||
/* [2] Gestion des permissions
|
|
||||||
|
/* [2] Gestion des permissions CUSTOM
|
||||||
=========================================================*/
|
=========================================================*/
|
||||||
|
|
||||||
/* (1) Vérification de toutes les permissions requises */
|
/* (1) Vérification de toutes les permissions requises */
|
||||||
foreach($expected as $permission)
|
foreach($expected as $permission)
|
||||||
|
|
||||||
// Si il manque au minimum une permission, on retourne FALSE
|
// Si il manque au minimum une permission, on retourne FALSE
|
||||||
if( !in_array($permission, $_SESSION['PERM']) )
|
if( !in_array($permission, $_SESSION['PERM']) )
|
||||||
return Err::PermissionError;
|
return Err::PermissionError;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue