From 94c57fa247ba107fce8fc1d1fc355191229dbddc Mon Sep 17 00:00:00 2001
From: Minteck
Date: Sun, 8 Aug 2021 22:31:51 +0200
Subject: Permissions system
---
 admin/private/header.api.php | 14 ++++++++++++++
 admin/private/header.php | 20 +++++++++++++++++++-
 admin/private/header.sso.php | 25 +++++++++++++++++++++++++
 admin/private/permissions.json | 22 ++++++++++++++++++++++
 admin/private/permissions.php | 37 +++++++++++++++++++++++++++++++++++++
 5 files changed, 117 insertions(+), 1 deletion(-)
 create mode 100644 admin/private/header.sso.php
 create mode 100644 admin/private/permissions.json
 create mode 100644 admin/private/permissions.php
(limited to 'admin/private')
diff --git a/admin/private/header.api.php b/admin/private/header.api.php
index 132e75f..a8fdee8 100644
--- a/admin/private/header.api.php
+++ b/admin/private/header.api.php
@@ -8,4 +8,18 @@ if (!isset($_COOKIE["ADMIN_TOKEN"])) {
 } else {
 header("Location: https://jetbrains.minteck.ro.lt:1024/hub/hub/api/rest/oauth2/auth?client_id=36245ba5-ee9f-44c1-a149-ab2006fcb226&response_type=code&redirect_uri=https://minteck.ro.lt/admin/callback&scope=hub&request_credentials=default&access_type=offline");
 die();
+}
+
+$_PERMSFORAPI = true;
+require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/private/permissions.php";
+
+function l($en, $fr = null) {
+ global $lang;
+
+ if ((($lang === "fr" && isset($fr)) || (isset($_GET['fr']) && isset($fr) || isset($_COOKIE['fr']))) && !isset($_GET['en']) && !isset($_COOKIE['en']) && isset($fr)) {
+ setlocale(LC_TIME, array('fr_FR.UTF-8','fr_FR@euro','fr_FR','french'));
+ return $fr;
+ } else {
+ return $en;
+ }
 }
\ No newline at end of file
diff --git a/admin/private/header.php b/admin/private/header.php
index ddbee58..454fa7d 100644
--- a/admin/private/header.php
+++ b/admin/private/header.php
@@ -10,13 +10,31 @@ if (!isset($_COOKIE["ADMIN_TOKEN"])) { die(); } +$_PERMSFORAPI = false; +require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/private/permissions.php"; + +if (!function_exists("l")) { + function l($en, $fr = null) { + global $lang; + + if ((($lang === "fr" && isset($fr)) || (isset($_GET['fr']) && isset($fr) || isset($_COOKIE['fr']))) && !isset($_GET['en']) && !isset($_COOKIE['en']) && isset($fr)) { + setlocale(LC_TIME, array('fr_FR.UTF-8','fr_FR@euro','fr_FR','french')); + return $fr; + } else { + return $en; + } + } +} + +ob_start(); + ?> - Minteck Admin + Minteck Cloud Admin Console diff --git a/admin/private/header.sso.php b/admin/private/header.sso.php new file mode 100644 index 0000000..5911f62 --- /dev/null +++ b/admin/private/header.sso.php @@ -0,0 +1,25 @@ + $uperms) { + if ($user === $_DATA['id']) { + if (in_array($requested, $uperms)) { + $permsOkay = true; + } + } +} + +if (!$permsOkay && $requested !== "denied") { + if (isset($_PERMSFORAPI) && $_PERMSFORAPI) { + $_GET['_'] = "api." . $requested; + ob_end_clean(); + require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php"; + die(); + } else if (isset($_PERMSFORSSO) && $_PERMSFORSSO) { + $_GET['_'] = "sso." . $requested; + ob_end_clean(); + require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php"; + die(); + } else { + $_GET['_'] = "dom." . $requested; + ob_end_clean(); + require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php"; + die(); + } +} \ No newline at end of file -- cgit
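Review bot: In header.php the `require_once` of permissions.php runs before the new `ob_start();`, so a failed check reaches the `ob_end_clean()` calls in permissions.php with no buffer to discard, unless one is already active (for example through the `output_buffering` ini setting); header.api.php opens none in its visible hunk either. PHP then raises a notice instead of clearing output, and with error display enabled that notice can put the server path on the denial page. Move `ob_start();` above `$_PERMSFORAPI = false;`, or guard the cleanup with `if (ob_get_level() > 0) { ob_end_clean(); }`. Separately, `l()` is declared unconditionally in header.api.php but behind `function_exists("l")` here, so loading both headers in one request can end in a redeclaration fatal; one copy in a shared include would avoid that. The HTML context lines of this hunk are not legible in this rendering, so the final placement relative to the markup should be confirmed.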
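Review bot: The guard `if (!$permsOkay && $requested !== "denied")` at the end of permissions.php skips enforcement whenever `$requested` equals "denied", and the lines that compute `$requested` (like the start of the `foreach`) are not legible in this rendering. If that value can be influenced by the request rather than derived from the script being served, the exemption turns into a way around the check, so its origin should be confirmed and stated in a comment directly above the guard. The membership test should be strict, `in_array($requested, $uperms, true)`, so that loosely typed entries in permissions.json cannot match through coercion. The three denial branches differ only in the `api.`/`sso.`/`dom.` prefix written to `$_GET['_']`; choosing the prefix first and sharing one `ob_end_clean(); require_once …; die();` block would keep the deny path in a single place, and denied.php should escape that value if it prints it.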