<?php

$perms = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/admin/private/permissions.json"), true);

if (isset($_OVERRIDEPERMISSION)) {
    $requested = $_OVERRIDEPERMISSION;
} else {
    $requested = substr(explode("/", $_SERVER["PHP_SELF"])[count(explode("/", $_SERVER["PHP_SELF"])) - 1], 0, -4);
}

$permsOkay = false;
foreach ($perms as $user => $uperms) {
    if ($user === $_DATA['id']) {
        if (in_array($requested, $uperms)) {
            $permsOkay = true;
        }
    }
}

if (!$permsOkay && $requested !== "denied") {
    if (isset($_PERMSFORAPI) && $_PERMSFORAPI) {
        $_GET['_'] = "api." . $requested;
        ob_end_clean();
        require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php";
        die();
    } else if (isset($_PERMSFORSSO) && $_PERMSFORSSO) {
        $_GET['_'] = "sso." . $requested;
        ob_end_clean();
        require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php";
        die();
    } else {
        $_GET['_'] = "dom." . $requested;
        ob_end_clean();
        require_once $_SERVER['DOCUMENT_ROOT'] . "/admin/panes/denied.php";
        die();
    }
}