William 2022-03-19 18:41:57 +01:00
parent cf7aac0a0e
commit 41d6e6f9f4
2 changed files with 21 additions and 14 deletions


@ -23,7 +23,7 @@ class AccessControl
// routes that need power level 1 and up
[
"routes" => [
"race/"
"race/*"
],
"catcher" => [
"name" => "page",
@ -33,7 +33,7 @@ class AccessControl
// routes that dont need any auth
[
"routes" => [
""
"*"
],
"catcher" => [
"name" => "nothing",
@ -46,6 +46,7 @@ class AccessControl
strlen($this->app->config["root_url"])
);
// TODO: add error handling
foreach ($this->acl as $key => $value)
{
$routes = $value["routes"];
@ -53,15 +54,23 @@ class AccessControl
foreach ($routes as $key => $value)
{
// if the end of the route is an asterisk we match everything after it
if ($value[-1] == '*')
{
// remove asterisk
$value = substr($value, 0, -1);
// check if string starts with
if (strncmp($this->currentPage, $value, strlen($value)) !== 0)
{
continue;
}
#if ($value !== $this->currentPage)
#{
# continue;
#}
} else {
// end is not an asterisk, match full string
if ($value !== $this->currentPage)
{
continue;
}
}
if (isset($catcher["args"]))
{
@ -79,10 +88,8 @@ class AccessControl
private function page(int $powerLevel): void
{
if ($this->app->user->loggedIn && $this->app->user->powerLevel >= $powerLevel)
if (!$this->app->user->loggedIn || !($this->app->user->powerLevel >= $powerLevel))
{
# code...
} else {
http_response_code(401);
$this->app->view("template/header", ["title" => "Ingen tilgang!"]);
$this->app->view("App/Core/AccessControl/unauthorized");
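Review bot: The new prefix match in the route loop compares the raw `$this->currentPage` against `race/`, so a request the router treats as the same page but spells differently (no trailing slash, different letter case, a doubled slash) would miss the power-level rule and fall through to the `"*"` entry, whose catcher is `nothing`. Whether the router accepts such spellings is not visible here, but an ACL whose last rule allows everything should canonicalise the path once before the loop and match the bare segment as well as the prefix, e.g. `if ($this->currentPage !== rtrim($value, '/') && strncmp($this->currentPage, $value, strlen($value)) !== 0) continue;` once the asterisk is stripped. The test `$value[-1] == '*'` also raises an uninitialized-offset notice or warning (depending on PHP version) for an empty route string such as the `""` this commit replaces; `substr($value, -1) === '*'` avoids that and compares strictly. In `page()` the denial branch continues past the end of the hunk, so confirm that it ends the request after rendering the unauthorized view, otherwise the protected page would still be emitted after the 401.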


@ -1,2 +1,2 @@
<h1>Ingen tilgang!</h1>
<p>Du har ikke tilstrekkelig tillatelse til å se denne siden.</p>
<p>Du har ikke tilstrekkelige tillatelser til å se denne siden.</p>