permissions RFM

This commit is contained in:
Fred Tempez 2020-11-09 15:43:19 +01:00
parent c5d4eb1a54
commit d7ca5f13fc
2 changed files with 14 additions and 17 deletions

View File

@ -2762,7 +2762,7 @@ class layout extends common {
$rightItems = '';
// if($this->getUser('group') >= self::GROUP_MODERATOR) {
if($this->getUser('group') >= self::GROUP_EDITOR) {
$rightItems .= '<li><a href="' . helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR.'core.json') .'" data-tippy-content="Gérer les fichiers" data-lity>' . template::ico('folder') . '</a></li>';
$rightItems .= '<li><a href="' . helper::baseUrl(false) . 'core/vendor/filemanager/dialog.php?type=0&akey=' . md5_file(self::DATA_DIR.'core.json') .'&ext='.password_hash($this->getUser('group'),PASSWORD_BCRYPT).'" data-tippy-content="Gérer les fichiers" data-lity>' . template::ico('folder') . '</a></li>';
}
if($this->getUser('group') >= self::GROUP_ADMIN) {
$rightItems .= '<li><a href="' . helper::baseUrl() . 'user" data-tippy-content="Configurer les utilisateurs">' . template::ico('users') . '</a></li>';

View File

@ -13,14 +13,11 @@ ob_start('mb_output_handler');
date_default_timezone_set('Europe/Paris');
setlocale(LC_CTYPE, 'fr_FR'); //correct transliteration
// Validation des actions (delete, rename) par lecture du groupe de l'utilisateur via cookie et user.json
if( is_file('../../../site/data/user.json')){
$json = file_get_contents('../../../site/data/user.json');
$user = json_decode($json, true);
$val = $user['user'][$_COOKIE["ZWII_USER_ID"]]['group'] >= 3 ? true : false;
}
else{
$val = false;
// Validation des actions (delete, rename) par lecture du groupe de l'utilisateur transmis par l'URL
$access = false;
if ( password_verify('4',$_GET['ext'])
OR password_verify('3',$_GET['ext']) ) {
$access = true;
}
@ -347,18 +344,18 @@ $config = array(
//*************************
//Permissions configuration
//******************
'delete_files' => $val,
'delete_files' => $access,
'create_folders' => true,
'delete_folders' => $val,
'delete_folders' => $access,
'upload_files' => true,
'rename_files' => $val,
'rename_folders' => $val,
'rename_files' => $access,
'rename_folders' => $access,
'duplicate_files' => true,
'extract_files' => true,
'copy_cut_files' => $val, // for copy/cut files
'copy_cut_dirs' => $val, // for copy/cut directories
'chmod_files' => $val, // change file permissions
'chmod_dirs' => $val, // change folder permissions
'copy_cut_files' => $access, // for copy/cut files
'copy_cut_dirs' => $access, // for copy/cut directories
'chmod_files' => $access, // change file permissions
'chmod_dirs' => $access, // change folder permissions
'preview_text_files' => true, // eg.: txt, log etc.
'edit_text_files' => true, // eg.: txt, log etc.
'create_text_files' => true, // only create files with exts. defined in $config['editable_text_file_exts']