Commit
This commit is contained in:
parent
cf7aac0a0e
commit
41d6e6f9f4
@ -23,7 +23,7 @@ class AccessControl
|
|||||||
// routes that need power level 1 and up
|
// routes that need power level 1 and up
|
||||||
[
|
[
|
||||||
"routes" => [
|
"routes" => [
|
||||||
"race/"
|
"race/*"
|
||||||
],
|
],
|
||||||
"catcher" => [
|
"catcher" => [
|
||||||
"name" => "page",
|
"name" => "page",
|
||||||
@ -33,7 +33,7 @@ class AccessControl
|
|||||||
// routes that dont need any auth
|
// routes that dont need any auth
|
||||||
[
|
[
|
||||||
"routes" => [
|
"routes" => [
|
||||||
""
|
"*"
|
||||||
],
|
],
|
||||||
"catcher" => [
|
"catcher" => [
|
||||||
"name" => "nothing",
|
"name" => "nothing",
|
||||||
@ -46,6 +46,7 @@ class AccessControl
|
|||||||
strlen($this->app->config["root_url"])
|
strlen($this->app->config["root_url"])
|
||||||
);
|
);
|
||||||
|
|
||||||
|
// TODO: add error handling
|
||||||
foreach ($this->acl as $key => $value)
|
foreach ($this->acl as $key => $value)
|
||||||
{
|
{
|
||||||
$routes = $value["routes"];
|
$routes = $value["routes"];
|
||||||
@ -53,15 +54,23 @@ class AccessControl
|
|||||||
|
|
||||||
foreach ($routes as $key => $value)
|
foreach ($routes as $key => $value)
|
||||||
{
|
{
|
||||||
|
// if the end of the route is an asterisk we match everything after it
|
||||||
|
if ($value[-1] == '*')
|
||||||
|
{
|
||||||
|
// remove asterisk
|
||||||
|
$value = substr($value, 0, -1);
|
||||||
// check if string starts with
|
// check if string starts with
|
||||||
if (strncmp($this->currentPage, $value, strlen($value)) !== 0)
|
if (strncmp($this->currentPage, $value, strlen($value)) !== 0)
|
||||||
{
|
{
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
#if ($value !== $this->currentPage)
|
} else {
|
||||||
#{
|
// end is not an asterisk, match full string
|
||||||
# continue;
|
if ($value !== $this->currentPage)
|
||||||
#}
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (isset($catcher["args"]))
|
if (isset($catcher["args"]))
|
||||||
{
|
{
|
||||||
@ -79,10 +88,8 @@ class AccessControl
|
|||||||
|
|
||||||
private function page(int $powerLevel): void
|
private function page(int $powerLevel): void
|
||||||
{
|
{
|
||||||
if ($this->app->user->loggedIn && $this->app->user->powerLevel >= $powerLevel)
|
if (!$this->app->user->loggedIn || !($this->app->user->powerLevel >= $powerLevel))
|
||||||
{
|
{
|
||||||
# code...
|
|
||||||
} else {
|
|
||||||
http_response_code(401);
|
http_response_code(401);
|
||||||
$this->app->view("template/header", ["title" => "Ingen tilgang!"]);
|
$this->app->view("template/header", ["title" => "Ingen tilgang!"]);
|
||||||
$this->app->view("App/Core/AccessControl/unauthorized");
|
$this->app->view("App/Core/AccessControl/unauthorized");
|
||||||
|
|||||||
@ -1,2 +1,2 @@
|
|||||||
<h1>Ingen tilgang!</h1>
|
<h1>Ingen tilgang!</h1>
|
||||||
<p>Du har ikke tilstrekkelig tillatelse til å se denne siden.</p>
|
<p>Du har ikke tilstrekkelige tillatelser til å se denne siden.</p>
|
||||||
Reference in New Issue
Block a user