diff --git a/4dev/tests/ACL/CoreLibsACLLoginTest.php b/4dev/tests/ACL/CoreLibsACLLoginTest.php
index 1062bb60..f29f02d7 100644
--- a/4dev/tests/ACL/CoreLibsACLLoginTest.php
+++ b/4dev/tests/ACL/CoreLibsACLLoginTest.php
@@ -12,6 +12,8 @@ Not yet covered tests:
- loginGetLocale
- loginGetHeaderColor
- loginGetPages
+- loginGetPageLookupList
+- loginPageAccessAllowed
- loginGetEuid
*/
diff --git a/www/admin/class_test.login.php b/www/admin/class_test.login.php
index 5b717b0b..ee0eef82 100644
--- a/www/admin/class_test.login.php
+++ b/www/admin/class_test.login.php
@@ -127,6 +127,12 @@ if (isset($login->loginGetAcl()['unit'])) {
// IP check: 'REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'CLIENT_IP' in _SERVER
// Agent check: 'HTTP_USER_AGENT'
+print "
";
+print "PAGE lookup:
";
+$file_name = 'test_edit_base.php';
+print "Access to '$file_name': " . $log->prAr($login->loginPageAccessAllowed($file_name)) . "
";
+$file_name = 'i_do_not_exists.php';
+print "Access to '$file_name': " . $log->prAr($login->loginPageAccessAllowed($file_name)) . "
";
echo "
";
print "SESSION: " . Support::printAr($_SESSION) . "
";
diff --git a/www/lib/CoreLibs/ACL/Login.php b/www/lib/CoreLibs/ACL/Login.php
index 205bd49f..3ba9a1cc 100644
--- a/www/lib/CoreLibs/ACL/Login.php
+++ b/www/lib/CoreLibs/ACL/Login.php
@@ -924,7 +924,9 @@ class Login
$mandatory_session_vars = [
'LOGIN_USER_NAME', 'LOGIN_GROUP_NAME', 'LOGIN_EUCUID', 'LOGIN_EUCUUID',
'LOGIN_USER_ADDITIONAL_ACL', 'LOGIN_GROUP_ADDITIONAL_ACL',
- 'LOGIN_ADMIN', 'LOGIN_GROUP_ACL_LEVEL', 'LOGIN_PAGES_ACL_LEVEL', 'LOGIN_USER_ACL_LEVEL',
+ 'LOGIN_ADMIN', 'LOGIN_GROUP_ACL_LEVEL',
+ 'LOGIN_PAGES', 'LOGIN_PAGES_LOOKUP', 'LOGIN_PAGES_ACL_LEVEL',
+ 'LOGIN_USER_ACL_LEVEL',
'LOGIN_UNIT', 'LOGIN_UNIT_DEFAULT_EACUID'
];
$force_reauth = false;
@@ -1264,6 +1266,7 @@ class Login
}
$edit_page_ids = [];
$pages = [];
+ $pages_lookup = [];
$pages_acl = [];
// set pages access
$q = << [],
'visible' => []
];
+ $pages_lookup[$res['filename']] = $res['cuid'];
// make reference filename -> level
$pages_acl[$res['filename']] = $res['level'];
} // for each page
@@ -1367,6 +1371,7 @@ class Login
// write back the pages data to the output array
$this->session->setMany([
'LOGIN_PAGES' => $pages,
+ 'LOGIN_PAGES_LOOKUP' => $pages_lookup,
'LOGIN_PAGES_ACL_LEVEL' => $pages_acl,
]);
// load the edit_access user rights
@@ -1526,6 +1531,8 @@ class Login
) {
$this->acl['page'] = $_SESSION['LOGIN_PAGES_ACL_LEVEL'][$this->page_name];
}
+ $this->acl['pages_detail'] = $_SESSION['LOGIN_PAGES'];
+ $this->acl['pages_lookup_cuid'] = $_SESSION['LOGIN_PAGES_LOOKUP'];
$this->acl['unit_cuid'] = null;
$this->acl['unit_name'] = null;
@@ -2728,6 +2735,31 @@ HTML;
return $this->session->get('LOGIN_PAGES');
}
+ /**
+ * Return the current loaded list of pages the user can access
+ *
+ * @return array
+ */
+ public function loginGetPageLookupList(): array
+ {
+ return $this->session->get('LOGIN_PAGES_LOOKUP');
+ }
+
+ /**
+ * Check access to a file in the pages list
+ *
+ * @param string $filename File name to check
+ * @return bool True if page in list and anything other than None access, False if failed
+ */
+ public function loginPageAccessAllowed(string $filename): bool
+ {
+ return (
+ $this->session->get('LOGIN_PAGES')[
+ $this->session->get('LOGIN_PAGES_LOOKUP')[$filename] ?? ''
+ ] ?? 0
+ ) != 0 ? true : false;
+ }
+
// MARK: logged in uid(pk)/eucuid/eucuuid
/**