Filtrage par profil
This commit is contained in:
parent
55f8e592c8
commit
327bf0ddb6
@ -344,7 +344,7 @@ class layout extends common
|
|||||||
$items .= $this->getData(['theme', 'footer', 'displaymemberAccount']) === false ? ' class="displayNone">' : '>';
|
$items .= $this->getData(['theme', 'footer', 'displaymemberAccount']) === false ? ' class="displayNone">' : '>';
|
||||||
$items .= '<wbr> | ';
|
$items .= '<wbr> | ';
|
||||||
if (
|
if (
|
||||||
$this->getPermission('filemanager') === true
|
$this->getUser('permission','filemanager') === true
|
||||||
) {
|
) {
|
||||||
$items .= '<wbr>' . template::ico('folder', [
|
$items .= '<wbr>' . template::ico('folder', [
|
||||||
'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']),
|
'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']),
|
||||||
@ -498,7 +498,7 @@ class layout extends common
|
|||||||
&& $this->getData(['theme', 'menu', 'memberBar']) === true
|
&& $this->getData(['theme', 'menu', 'memberBar']) === true
|
||||||
) {
|
) {
|
||||||
if (
|
if (
|
||||||
$this->getUser('group') >= self::GROUP_MEMBER && $this->getPermission('folder', 'share') === true
|
$this->getUser('group') >= self::GROUP_MEMBER && $this->getUser('permission','folder', 'share') === true
|
||||||
) {
|
) {
|
||||||
$itemsRight .= '<li>' . template::ico('folder', [
|
$itemsRight .= '<li>' . template::ico('folder', [
|
||||||
'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']),
|
'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']),
|
||||||
@ -936,7 +936,7 @@ class layout extends common
|
|||||||
$leftItems .= '</optgroup>';
|
$leftItems .= '</optgroup>';
|
||||||
$leftItems .= '</select></li>';
|
$leftItems .= '</select></li>';
|
||||||
// Bouton Ajouter une page
|
// Bouton Ajouter une page
|
||||||
if ($this->getPermission('page', 'add')) {
|
if ($this->getUser('permission','page', 'add')) {
|
||||||
$leftItems .= '<li>' . template::ico('plus', [
|
$leftItems .= '<li>' . template::ico('plus', [
|
||||||
'href' => helper::baseUrl() . 'page/add',
|
'href' => helper::baseUrl() . 'page/add',
|
||||||
'help' => 'Nouvelle page ou barre latérale'
|
'help' => 'Nouvelle page ou barre latérale'
|
||||||
@ -955,7 +955,7 @@ class layout extends common
|
|||||||
or $this->getUrl(0) === ''
|
or $this->getUrl(0) === ''
|
||||||
) {
|
) {
|
||||||
// Bouton Editer une page
|
// Bouton Editer une page
|
||||||
if ($this->getPermission('page', 'edit')) {
|
if ($this->getUser('permission','page', 'edit')) {
|
||||||
$leftItems .= '<li>' . template::ico('pencil', [
|
$leftItems .= '<li>' . template::ico('pencil', [
|
||||||
'href' => helper::baseUrl() . 'page/edit/' . $this->getUrl(0),
|
'href' => helper::baseUrl() . 'page/edit/' . $this->getUrl(0),
|
||||||
'help' => 'Éditer la page'
|
'help' => 'Éditer la page'
|
||||||
@ -963,7 +963,7 @@ class layout extends common
|
|||||||
}
|
}
|
||||||
// Bouton Editer le module d'une page
|
// Bouton Editer le module d'une page
|
||||||
if (
|
if (
|
||||||
$this->getPermission('page', 'module')
|
$this->getUser('permission','page', 'module')
|
||||||
&& $this->getData(['page', $this->getUrl(0), 'moduleId'])
|
&& $this->getData(['page', $this->getUrl(0), 'moduleId'])
|
||||||
) {
|
) {
|
||||||
$leftItems .= '<li>' . template::ico('gear', [
|
$leftItems .= '<li>' . template::ico('gear', [
|
||||||
@ -973,7 +973,7 @@ class layout extends common
|
|||||||
}
|
}
|
||||||
// Bouton dupliquer une page
|
// Bouton dupliquer une page
|
||||||
if (
|
if (
|
||||||
$this->getPermission('page', 'duplicate')
|
$this->getUser('permission','page', 'duplicate')
|
||||||
) {
|
) {
|
||||||
$leftItems .= '<li>' . template::ico('clone', [
|
$leftItems .= '<li>' . template::ico('clone', [
|
||||||
'href' => helper::baseUrl() . 'page/duplicate/' . $this->getUrl(0) . '&csrf=' . $_SESSION['csrf'],
|
'href' => helper::baseUrl() . 'page/duplicate/' . $this->getUrl(0) . '&csrf=' . $_SESSION['csrf'],
|
||||||
@ -983,7 +983,7 @@ class layout extends common
|
|||||||
}
|
}
|
||||||
// Bouton Effacer une page
|
// Bouton Effacer une page
|
||||||
if (
|
if (
|
||||||
$this->getPermission('page', 'delete')
|
$this->getUser('permission','page', 'delete')
|
||||||
) {
|
) {
|
||||||
$leftItems .= '<li>' . template::ico('trash', [
|
$leftItems .= '<li>' . template::ico('trash', [
|
||||||
'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(0) . '&csrf=' . $_SESSION['csrf'],
|
'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(0) . '&csrf=' . $_SESSION['csrf'],
|
||||||
@ -998,7 +998,7 @@ class layout extends common
|
|||||||
$rightItems = '';
|
$rightItems = '';
|
||||||
if (
|
if (
|
||||||
$this->getUser('group') >= self::GROUP_MODERATOR
|
$this->getUser('group') >= self::GROUP_MODERATOR
|
||||||
&& $this->getPermission('filemanager')
|
&& $this->getUser('permission','filemanager')
|
||||||
) {
|
) {
|
||||||
$rightItems .= '<li>' . template::ico('folder', [
|
$rightItems .= '<li>' . template::ico('folder', [
|
||||||
'help' => 'Fichiers',
|
'help' => 'Fichiers',
|
||||||
|
@ -699,9 +699,6 @@ class core extends common
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
$action = array_key_exists($action, $module::$actions) ? $action : 'index';
|
$action = array_key_exists($action, $module::$actions) ? $action : 'index';
|
||||||
var_dump( $moduleId);
|
|
||||||
var_dump ($action);
|
|
||||||
var_dump ($this->getPermission('user', 'login'));
|
|
||||||
if (array_key_exists($action, $module::$actions)) {
|
if (array_key_exists($action, $module::$actions)) {
|
||||||
$module->$action();
|
$module->$action();
|
||||||
$output = $module->output;
|
$output = $module->output;
|
||||||
@ -710,7 +707,7 @@ class core extends common
|
|||||||
($module::$actions[$action] === self::GROUP_VISITOR
|
($module::$actions[$action] === self::GROUP_VISITOR
|
||||||
or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
||||||
and $this->getUser('group') >= $module::$actions[$action]
|
and $this->getUser('group') >= $module::$actions[$action]
|
||||||
and $this->getPermission($moduleId, $action)
|
and $this->getUser('permission', $moduleId, $action)
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
and $output['access'] === true
|
and $output['access'] === true
|
||||||
|
@ -888,12 +888,14 @@ class common
|
|||||||
* @param int $key Clé de la valeur
|
* @param int $key Clé de la valeur
|
||||||
* @return string|null
|
* @return string|null
|
||||||
*/
|
*/
|
||||||
public function getUser($key)
|
public function getUser($key, $perm1 = null, $perm2 = null)
|
||||||
{
|
{
|
||||||
if (is_array($this->user) === false) {
|
if (is_array($this->user) === false) {
|
||||||
return false;
|
return false;
|
||||||
} elseif ($key === 'id') {
|
} elseif ($key === 'id') {
|
||||||
return $this->getInput('ZWII_USER_ID');
|
return $this->getInput('ZWII_USER_ID');
|
||||||
|
} elseif ($key === 'permission') {
|
||||||
|
return $this->getPermission($perm1, $perm2);
|
||||||
} elseif (array_key_exists($key, $this->user)) {
|
} elseif (array_key_exists($key, $this->user)) {
|
||||||
return $this->user[$key];
|
return $this->user[$key];
|
||||||
} else {
|
} else {
|
||||||
@ -912,21 +914,19 @@ class common
|
|||||||
// if (is_array($this->user) === false) {
|
// if (is_array($this->user) === false) {
|
||||||
// return false;
|
// return false;
|
||||||
// Administrateur, toutes les permissions
|
// Administrateur, toutes les permissions
|
||||||
//} elseif ($this->getUser('group') === self::GROUP_ADMIN) {
|
if ($this->getUser('group') === self::GROUP_ADMIN) {
|
||||||
// return true;
|
return true;
|
||||||
// Groupe sans autorisation
|
} elseif ($this->getUser('group') < 1) { // Groupe sans autorisation
|
||||||
//} elseif ($this->getUser('group') < 1) {
|
return false;
|
||||||
// return false;
|
} elseif ( // Groupe avec profil, consultation des autorisations sur deux clés
|
||||||
// Groupe avec profil, consultation des autorisations sur deux clés
|
$key1
|
||||||
//} elseif (
|
|
||||||
if ($key1
|
|
||||||
&& $key2
|
&& $key2
|
||||||
&& $this->user
|
&& $this->user
|
||||||
&& $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1])
|
&& $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1])
|
||||||
&& array_key_exists($key2, $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1]))
|
&& array_key_exists($key2, $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1]))
|
||||||
) {
|
) {
|
||||||
return $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1, $key2]);
|
return $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1, $key2]);
|
||||||
// Groupe avec profil, consultation des autorisations sur une seule clé
|
// Groupe avec profil, consultation des autorisations sur une seule clé
|
||||||
} elseif (
|
} elseif (
|
||||||
$key1
|
$key1
|
||||||
&& $this->user
|
&& $this->user
|
||||||
@ -935,9 +935,8 @@ class common
|
|||||||
) {
|
) {
|
||||||
return $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1]);
|
return $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1]);
|
||||||
} else {
|
} else {
|
||||||
// Permission non spécifiée dans le profil est autorisée par défaut pour le fonctionnement de $action
|
// Une permission non spécifiée dans le profil est autorisée par défaut pour le fonctionnement de $action
|
||||||
return true;
|
return true;
|
||||||
//return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
28
core/vendor/filemanager/config/config.php
vendored
28
core/vendor/filemanager/config/config.php
vendored
@ -21,11 +21,13 @@ setlocale(LC_CTYPE, $lang);
|
|||||||
$userId = $_COOKIE['ZWII_USER_ID'];
|
$userId = $_COOKIE['ZWII_USER_ID'];
|
||||||
$u = json_decode(file_get_contents('../../../site/data/user.json'), true);
|
$u = json_decode(file_get_contents('../../../site/data/user.json'), true);
|
||||||
$g = json_decode(file_get_contents('../../../site/data/profil.json'), true);
|
$g = json_decode(file_get_contents('../../../site/data/profil.json'), true);
|
||||||
|
|
||||||
// Lecture les droits
|
// Lecture les droits
|
||||||
if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
||||||
$group = $u['user'][$userId]['group'];
|
$group = $u['user'][$userId]['group'];
|
||||||
switch ($group) {
|
switch ($group) {
|
||||||
case 3:
|
case 3:
|
||||||
|
// Accès admin
|
||||||
$file['delete'] = true;
|
$file['delete'] = true;
|
||||||
$file['upload'] = true;
|
$file['upload'] = true;
|
||||||
$file['rename'] = true;
|
$file['rename'] = true;
|
||||||
@ -47,7 +49,11 @@ if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
|||||||
break;
|
break;
|
||||||
case 2:
|
case 2:
|
||||||
case 1:
|
case 1:
|
||||||
|
// Accès contrôlés par le profil
|
||||||
$profil = $u['user'][$userId]['profil'];
|
$profil = $u['user'][$userId]['profil'];
|
||||||
|
if ($g['profil'][$group][$profil]['filemanager'] === false)
|
||||||
|
exit('Accès interdit');
|
||||||
|
// lecture du profil
|
||||||
if (!is_null($profil)) {
|
if (!is_null($profil)) {
|
||||||
$file = $g['profil'][$group][$profil]['file'];
|
$file = $g['profil'][$group][$profil]['file'];
|
||||||
$folder = $g['profil'][$group][$profil]['folder'];
|
$folder = $g['profil'][$group][$profil]['folder'];
|
||||||
@ -58,27 +64,9 @@ if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
// Applique default si $profil null
|
|
||||||
default:
|
default:
|
||||||
$file['delete'] = false;
|
// Pas d'autorisation d'accès au gestionnaire de fichiers
|
||||||
$file['upload'] = false;
|
exit('Accès interdit');
|
||||||
$file['rename'] = false;
|
|
||||||
$file['duplicate'] = false;
|
|
||||||
$file['extract'] = false;
|
|
||||||
$file['copycut'] = false;
|
|
||||||
$file['preview'] = false;
|
|
||||||
$file['edit'] = false;
|
|
||||||
$file['extract'] = false;
|
|
||||||
$file['download'] = false;
|
|
||||||
$file['chmod'] = false;
|
|
||||||
$folder['create'] = false;
|
|
||||||
$folder['create'] = false;
|
|
||||||
$folder['delete'] = false;
|
|
||||||
$folder['copycut'] = false;
|
|
||||||
$folder['chmod'] = false;
|
|
||||||
$uploadDir = null;
|
|
||||||
$currentPath = '../../../site/file/source/';
|
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user