Filtrage par profil
parent
55f8e592c8
commit
327bf0ddb6
@ -344,7 +344,7 @@ class layout extends common
|
||||
$items .= $this->getData(['theme', 'footer', 'displaymemberAccount']) === false ? ' class="displayNone">' : '>';
|
||||
$items .= '<wbr> | ';
|
||||
if (
|
||||
$this->getPermission('filemanager') === true
|
||||
$this->getUser('permission','filemanager') === true
|
||||
) {
|
||||
$items .= '<wbr>' . template::ico('folder', [
|
||||
'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']),
|
||||
@ -498,7 +498,7 @@ class layout extends common
|
||||
&& $this->getData(['theme', 'menu', 'memberBar']) === true
|
||||
) {
|
||||
if (
|
||||
$this->getUser('group') >= self::GROUP_MEMBER && $this->getPermission('folder', 'share') === true
|
||||
$this->getUser('group') >= self::GROUP_MEMBER && $this->getUser('permission','folder', 'share') === true
|
||||
) {
|
||||
$itemsRight .= '<li>' . template::ico('folder', [
|
||||
'href' => helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR . 'core.json') . '&lang=' . $this->getData(['user', $this->getUser('id'), 'language']),
|
||||
@ -936,7 +936,7 @@ class layout extends common
|
||||
$leftItems .= '</optgroup>';
|
||||
$leftItems .= '</select></li>';
|
||||
// Bouton Ajouter une page
|
||||
if ($this->getPermission('page', 'add')) {
|
||||
if ($this->getUser('permission','page', 'add')) {
|
||||
$leftItems .= '<li>' . template::ico('plus', [
|
||||
'href' => helper::baseUrl() . 'page/add',
|
||||
'help' => 'Nouvelle page ou barre latérale'
|
||||
@ -955,7 +955,7 @@ class layout extends common
|
||||
or $this->getUrl(0) === ''
|
||||
) {
|
||||
// Bouton Editer une page
|
||||
if ($this->getPermission('page', 'edit')) {
|
||||
if ($this->getUser('permission','page', 'edit')) {
|
||||
$leftItems .= '<li>' . template::ico('pencil', [
|
||||
'href' => helper::baseUrl() . 'page/edit/' . $this->getUrl(0),
|
||||
'help' => 'Éditer la page'
|
||||
@ -963,7 +963,7 @@ class layout extends common
|
||||
}
|
||||
// Bouton Editer le module d'une page
|
||||
if (
|
||||
$this->getPermission('page', 'module')
|
||||
$this->getUser('permission','page', 'module')
|
||||
&& $this->getData(['page', $this->getUrl(0), 'moduleId'])
|
||||
) {
|
||||
$leftItems .= '<li>' . template::ico('gear', [
|
||||
@ -973,7 +973,7 @@ class layout extends common
|
||||
}
|
||||
// Bouton dupliquer une page
|
||||
if (
|
||||
$this->getPermission('page', 'duplicate')
|
||||
$this->getUser('permission','page', 'duplicate')
|
||||
) {
|
||||
$leftItems .= '<li>' . template::ico('clone', [
|
||||
'href' => helper::baseUrl() . 'page/duplicate/' . $this->getUrl(0) . '&csrf=' . $_SESSION['csrf'],
|
||||
@ -983,7 +983,7 @@ class layout extends common
|
||||
}
|
||||
// Bouton Effacer une page
|
||||
if (
|
||||
$this->getPermission('page', 'delete')
|
||||
$this->getUser('permission','page', 'delete')
|
||||
) {
|
||||
$leftItems .= '<li>' . template::ico('trash', [
|
||||
'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(0) . '&csrf=' . $_SESSION['csrf'],
|
||||
@ -998,7 +998,7 @@ class layout extends common
|
||||
$rightItems = '';
|
||||
if (
|
||||
$this->getUser('group') >= self::GROUP_MODERATOR
|
||||
&& $this->getPermission('filemanager')
|
||||
&& $this->getUser('permission','filemanager')
|
||||
) {
|
||||
$rightItems .= '<li>' . template::ico('folder', [
|
||||
'help' => 'Fichiers',
|
||||
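Review bot: The converted checks test the same permission in two different ways: the footer link uses `$this->getUser('permission','filemanager') === true`, while the admin bar at the end of this section uses `&& $this->getUser('permission','filemanager')`, and the page buttons (`add`, `edit`, `module`, `duplicate`, `delete`) are all plain truthiness tests. getPermission can hand back a raw profile value through `getData([...])`, so a stored value that is truthy but not the boolean `true` would show the icon in one bar and hide it in the other; use one form, preferably `=== true`, at every call site. These conditions only decide which icons are rendered, so a short comment such as `// display only; access is enforced by the router` would help the next reader. That the router enforces the same permission is inferred from the core hunk, not from this file. The enclosing methods start and end outside the hunks.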
|
@ -699,9 +699,6 @@ class core extends common
|
||||
}
|
||||
}
|
||||
$action = array_key_exists($action, $module::$actions) ? $action : 'index';
|
||||
var_dump( $moduleId);
|
||||
var_dump ($action);
|
||||
var_dump ($this->getPermission('user', 'login'));
|
||||
if (array_key_exists($action, $module::$actions)) {
|
||||
$module->$action();
|
||||
$output = $module->output;
|
||||
@ -710,7 +707,7 @@ class core extends common
|
||||
($module::$actions[$action] === self::GROUP_VISITOR
|
||||
or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
||||
and $this->getUser('group') >= $module::$actions[$action]
|
||||
and $this->getPermission($moduleId, $action)
|
||||
and $this->getUser('permission', $moduleId, $action)
|
||||
)
|
||||
)
|
||||
and $output['access'] === true
|
||||
|
@ -888,12 +888,14 @@ class common
|
||||
* @param int $key Clé de la valeur
|
||||
* @return string|null
|
||||
*/
|
||||
public function getUser($key)
|
||||
public function getUser($key, $perm1 = null, $perm2 = null)
|
||||
{
|
||||
if (is_array($this->user) === false) {
|
||||
return false;
|
||||
} elseif ($key === 'id') {
|
||||
return $this->getInput('ZWII_USER_ID');
|
||||
} elseif ($key === 'permission') {
|
||||
return $this->getPermission($perm1, $perm2);
|
||||
} elseif (array_key_exists($key, $this->user)) {
|
||||
return $this->user[$key];
|
||||
} else {
|
||||
@ -912,14 +914,12 @@ class common
|
||||
// if (is_array($this->user) === false) {
|
||||
// return false;
|
||||
// Administrateur, toutes les permissions
|
||||
//} elseif ($this->getUser('group') === self::GROUP_ADMIN) {
|
||||
// return true;
|
||||
// Groupe sans autorisation
|
||||
//} elseif ($this->getUser('group') < 1) {
|
||||
// return false;
|
||||
// Groupe avec profil, consultation des autorisations sur deux clés
|
||||
//} elseif (
|
||||
if ($key1
|
||||
if ($this->getUser('group') === self::GROUP_ADMIN) {
|
||||
return true;
|
||||
} elseif ($this->getUser('group') < 1) { // Groupe sans autorisation
|
||||
return false;
|
||||
} elseif ( // Groupe avec profil, consultation des autorisations sur deux clés
|
||||
$key1
|
||||
&& $key2
|
||||
&& $this->user
|
||||
&& $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1])
|
||||
@ -935,9 +935,8 @@ class common
|
||||
) {
|
||||
return $this->getData(['profil', $this->user['group'], $this->user['profil'], $key1]);
|
||||
} else {
|
||||
// Permission non spécifiée dans le profil est autorisée par défaut pour le fonctionnement de $action
|
||||
// Une permission non spécifiée dans le profil est autorisée par défaut pour le fonctionnement de $action
|
||||
return true;
|
||||
//return false;
|
||||
}
|
||||
|
||||
}
|
||||
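Review bot: The final `else` of getPermission still ends in `return true;`, so a permission key that a profile does not list is granted. The router condition changed in the -710 hunk (`and $this->getUser('permission', $moduleId, $action)`) therefore accepts any module action that is absent from the profile data once the group level passes. A default-deny fall-through, with an explicit list of the actions that need no profile entry, would fail closed when a module gains a new action; if the default has to stay, the comment should say that every new action must be declared in each profile. In the getUser hunk the docblock still reads `@param int $key` and `@return string|null`, although the method now takes `$perm1`/`$perm2` and returns getPermission's result for `'permission'`. getPermission's signature and the middle of its condition lie outside the hunks, so the exact branch order is inferred.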
|
28
core/vendor/filemanager/config/config.php
vendored
28
core/vendor/filemanager/config/config.php
vendored
@ -21,11 +21,13 @@ setlocale(LC_CTYPE, $lang);
|
||||
$userId = $_COOKIE['ZWII_USER_ID'];
|
||||
$u = json_decode(file_get_contents('../../../site/data/user.json'), true);
|
||||
$g = json_decode(file_get_contents('../../../site/data/profil.json'), true);
|
||||
|
||||
// Lecture les droits
|
||||
if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
||||
$group = $u['user'][$userId]['group'];
|
||||
switch ($group) {
|
||||
case 3:
|
||||
// Accès admin
|
||||
$file['delete'] = true;
|
||||
$file['upload'] = true;
|
||||
$file['rename'] = true;
|
||||
@ -47,7 +49,11 @@ if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
||||
break;
|
||||
case 2:
|
||||
case 1:
|
||||
// Accès contrôlés par le profil
|
||||
$profil = $u['user'][$userId]['profil'];
|
||||
if ($g['profil'][$group][$profil]['filemanager'] === false)
|
||||
exit('Accès interdit');
|
||||
// lecture du profil
|
||||
if (!is_null($profil)) {
|
||||
$file = $g['profil'][$group][$profil]['file'];
|
||||
$folder = $g['profil'][$group][$profil]['folder'];
|
||||
@ -58,27 +64,9 @@ if (!is_null($u) && !is_null($g) && !is_null($userId)) {
|
||||
}
|
||||
break;
|
||||
}
|
||||
// Applique default si $profil null
|
||||
default:
|
||||
$file['delete'] = false;
|
||||
$file['upload'] = false;
|
||||
$file['rename'] = false;
|
||||
$file['duplicate'] = false;
|
||||
$file['extract'] = false;
|
||||
$file['copycut'] = false;
|
||||
$file['preview'] = false;
|
||||
$file['edit'] = false;
|
||||
$file['extract'] = false;
|
||||
$file['download'] = false;
|
||||
$file['chmod'] = false;
|
||||
$folder['create'] = false;
|
||||
$folder['create'] = false;
|
||||
$folder['delete'] = false;
|
||||
$folder['copycut'] = false;
|
||||
$folder['chmod'] = false;
|
||||
$uploadDir = null;
|
||||
$currentPath = '../../../site/file/source/';
|
||||
break;
|
||||
// Pas d'autorisation d'accès au gestionnaire de fichiers
|
||||
exit('Accès interdit');
|
||||
}
|
||||
}
|
||||
|
||||
|
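Review bot: The gate `if ($g['profil'][$group][$profil]['filemanager'] === false)` only blocks when the key exists and is exactly `false`; a profile with no `filemanager` entry, or an unknown `$profil`, evaluates to `null` and passes. It also indexes with `$profil` before the `!is_null($profil)` test that follows it. A fail-closed form placed after that null test would be `if (($g['profil'][$group][$profil]['filemanager'] ?? false) !== true) { exit('Accès interdit'); }`. `$userId` comes from `$_COOKIE['ZWII_USER_ID']` in the context lines and no credential check is visible in these hunks, so confirm that the session is verified before the group lookup; otherwise the profile gate rests on a client-supplied value. Which of these lines are additions is inferred from the hunk counts, because the page lost its +/- markers.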