Diffstat (limited to 'admin/private/permissions.php')
-rw-r--r-- | admin/private/permissions.php | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/admin/private/permissions.php b/admin/private/permissions.php
new file mode 100644
index 0000000..6ad7057
--- /dev/null
+++ b/admin/private/permissions.php
@@ -0,0 +1,37 @@
+<?php
+
+$perms = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/admin/private/permissions.json"), true);
+
+if (isset($_OVERRIDEPERMISSION)) {
+ $requested = $_OVERRIDEPERMISSION;
+} else {
+ $requested = substr(explode("/", $_SERVER["PHP_SELF"])[count(explode("/", $_SERVER["PHP_SELF"])) - 1], 0, -4);
+}
+
+$permsOkay = false;
+foreach ($perms as $user => $uperms) {
+ if ($user === $_DATA['id']) {
+ if (in_array($requested, $uperms)) {
+ $permsOkay = true;
+ }
+ }
+}
+
+if (!$permsOkay && $requested !== "denied") {
+ if (isset($_PERMSFORAPI) && $_PERMSFORAPI) {
+ $_GET['_'] = "api." . $requested;
+ ob_end_clean();
+ require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php";
+ die();
+ } else if (isset($_PERMSFORSSO) && $_PERMSFORSSO) {
+ $_GET['_'] = "sso." . $requested;
+ ob_end_clean();
+ require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php";
+ die();
+ } else {
+ $_GET['_'] = "dom." . $requested;
+ ob_end_clean();
+ require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php";
+ die();
+ }
+}
\ No newline at end of file |
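Review bot: The fallback for `$requested` takes the last segment of `$_SERVER["PHP_SELF"]`, which includes any path info the client appends after the script name, so the permission name being checked is not guaranteed to match the script that is actually executing; the `$requested !== "denied"` exemption in the final `if` depends on the same value. Derive the name from the server-side path instead, `$requested = basename($_SERVER['SCRIPT_FILENAME'], '.php');`. The membership test should also be strict, `in_array($requested, $uperms, true)`, and `$uperms` should be confirmed to be an array first, since a malformed entry in permissions.json would otherwise raise a TypeError on PHP 8 instead of producing a clean denial. Separately, the three deny branches differ only in the prefix written to `$_GET['_']` and could share one `ob_end_clean(); require_once …; die();` tail.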