Compare commits
2 Commits
v9.40.0
...
feature/TT
| Author | SHA1 | Date | |
|---|---|---|---|
|
c7f3dd212e | ||
|
|
20c2c665d4 |
@@ -197,8 +197,10 @@ class Login
|
||||
// login html, if we are on an ajax page
|
||||
/** @var string|null */
|
||||
private ?string $login_html = '';
|
||||
/** @var bool */
|
||||
/** @var bool flag set on run */
|
||||
private bool $login_is_ajax_page = false;
|
||||
/** @var bool flag set on load */
|
||||
private bool $login_is_ajax_page_option = false;
|
||||
|
||||
// logging
|
||||
/** @var array<string> list of allowed types for edit log write */
|
||||
@@ -268,8 +270,6 @@ class Login
|
||||
}
|
||||
// init error array
|
||||
$this->loginInitErrorMessages();
|
||||
// acess right list
|
||||
$this->loginLoadAccessRightList();
|
||||
// log allowed write flags
|
||||
$this->loginSetEditLogWriteTypeAvailable();
|
||||
|
||||
@@ -342,6 +342,7 @@ class Login
|
||||
* locale_path <string>: absolue path to the locale folder
|
||||
* site_locale <string>: what locale to load
|
||||
* site_domain <string>: what domain (locale file name) to use
|
||||
* ajax_page <bool>: if we are loading from an AJAX page (eg backend)
|
||||
*
|
||||
* @param array<string,mixed> $options Options array from class load
|
||||
* @return bool True on ok, False on failure
|
||||
@@ -361,6 +362,15 @@ class Login
|
||||
$options['debug'] = false;
|
||||
}
|
||||
|
||||
// AUTO LOGIN
|
||||
if (
|
||||
!isset($options['ajax_page']) ||
|
||||
!is_bool($options['ajax_page'])
|
||||
) {
|
||||
$options['ajax_page'] = false;
|
||||
}
|
||||
$this->login_is_ajax_page_option = $options['ajax_page'];
|
||||
|
||||
// AUTO LOGIN
|
||||
if (
|
||||
!isset($options['auto_login']) ||
|
||||
@@ -691,6 +701,34 @@ class Login
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* get the default ACL list type
|
||||
* if not set loads it from DB
|
||||
*
|
||||
* @return array<string,int>
|
||||
*/
|
||||
private function loginGetAccessRightListType(): array
|
||||
{
|
||||
if (empty($this->default_acl_list_type)) {
|
||||
$this->loginLoadAccessRightList();
|
||||
}
|
||||
return $this->default_acl_list_type;
|
||||
}
|
||||
|
||||
/**
|
||||
* get the default ACL list
|
||||
* if not set loads from DB
|
||||
*
|
||||
* @return array<string|int, mixed>
|
||||
*/
|
||||
private function loginGetAccessRightList(): array
|
||||
{
|
||||
if (empty($this->default_acl_list)) {
|
||||
$this->loginLoadAccessRightList();
|
||||
}
|
||||
return $this->default_acl_list;
|
||||
}
|
||||
|
||||
/**
|
||||
* Improves the application's security over HTTP(S) by setting specific headers
|
||||
*
|
||||
@@ -1540,6 +1578,10 @@ class Login
|
||||
$this->acl['unit'] = [];
|
||||
$this->acl['unit_legacy'] = [];
|
||||
$this->acl['unit_detail'] = [];
|
||||
// integrate the type acl list, but only for the keyword -> level
|
||||
$this->acl['min'] = $this->loginGetAccessRightListType();
|
||||
// set the full acl list too (lookup level number and get level data)
|
||||
$this->acl['acl_list'] = $this->loginGetAccessRightList();
|
||||
|
||||
// PER ACCOUNT (UNIT/edit access)->
|
||||
foreach ($_SESSION['LOGIN_UNIT'] as $ea_cuid => $unit) {
|
||||
@@ -1561,7 +1603,7 @@ class Login
|
||||
'name' => $unit['name'],
|
||||
'uid' => $unit['uid'],
|
||||
'cuuid' => $unit['cuuid'],
|
||||
'level' => $this->default_acl_list[$this->acl['unit'][$ea_cuid]]['name'] ?? -1,
|
||||
'level' => $this->acl['acl_list'][$this->acl['unit'][$ea_cuid]]['name'] ?? -1,
|
||||
'level_number' => $this->acl['unit'][$ea_cuid],
|
||||
'default' => $unit['default'],
|
||||
'data' => $unit['data'],
|
||||
@@ -1582,10 +1624,6 @@ class Login
|
||||
}
|
||||
// set the default edit access
|
||||
$this->acl['default_edit_access'] = $_SESSION['LOGIN_UNIT_DEFAULT_EACUID'];
|
||||
// integrate the type acl list, but only for the keyword -> level
|
||||
$this->acl['min'] = $this->default_acl_list_type;
|
||||
// set the full acl list too (lookup level number and get level data)
|
||||
$this->acl['acl_list'] = $this->default_acl_list;
|
||||
// debug
|
||||
// $this->debug('ACL', $this->print_ar($this->acl));
|
||||
}
|
||||
@@ -2519,7 +2557,12 @@ HTML;
|
||||
// or need to pass it back
|
||||
// to the continue AJAX class for output back to the user
|
||||
$this->login_is_ajax_page = false;
|
||||
if ($ajax_page === true || !empty($GLOBALS['AJAX_PAGE'])) {
|
||||
if (
|
||||
$ajax_page === true ||
|
||||
$this->login_is_ajax_page_option == true ||
|
||||
// this is deprecated
|
||||
!empty($GLOBALS['AJAX_PAGE'])
|
||||
) {
|
||||
$this->login_is_ajax_page = true;
|
||||
}
|
||||
|
||||
@@ -3147,6 +3190,8 @@ HTML;
|
||||
*/
|
||||
public function loginGetAclList(?int $level = null): array
|
||||
{
|
||||
// make sure it is loaded
|
||||
$this->loginGetAccessRightList();
|
||||
// if no level given, return full list
|
||||
if (empty($level)) {
|
||||
return $this->default_acl_list;
|
||||
@@ -3169,6 +3214,9 @@ HTML;
|
||||
*/
|
||||
public function loginGetAclListFromType(string $type): int|bool
|
||||
{
|
||||
// make sure it is loaded
|
||||
$this->loginGetAccessRightListType();
|
||||
// if not et return false
|
||||
if (!isset($this->default_acl_list_type[$type])) {
|
||||
return false;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user