Add permissions tables and API function

V2_Rewrite
Skylar Ittner 7 jaren geleden
bovenliggende 756484573a
commit 1a11f365f8

@ -228,6 +228,31 @@ switch ($VARS['action']) {
$data = $database->select('accounts', ['uid', 'username', 'realname (name)'], ["OR" => ['username[~]' => $VARS['search'], 'realname[~]' => $VARS['search']], "LIMIT" => 10]);
exit(json_encode(["status" => "OK", "result" => $data]));
break;
case "permission":
if (is_empty($VARS['code'])) {
header("HTTP/1.1 400 Bad Request");
die("\"400 Bad Request\"");
}
$perm = $VARS['code'];
if ($VARS['uid']) {
if ($database->has("accounts", ['uid' => $VARS['uid']])) {
$user = $database->select('accounts', ['username'], ['uid' => $VARS['uid']])[0]['username'];
} else {
exit(json_encode(["status" => "ERROR", "msg" => lang("user does not exist", false)]));
}
} else if ($VARS['username']) {
if ($database->has("accounts", ['username' => $VARS['username']])) {
$user = $VARS['username'];
} else {
exit(json_encode(["status" => "ERROR", "msg" => lang("user does not exist", false)]));
}
} else {
header("HTTP/1.1 400 Bad Request");
die("\"400 Bad Request\"");
}
$hasperm = account_has_permission($user, $perm);
exit(json_encode(["status" => "OK", "has_permission" => $hasperm]));
break;
default:
header("HTTP/1.1 400 Bad Request");
die("\"400 Bad Request\"");
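Review bot: The `permission` case tests `$VARS['uid']` and `$VARS['username']` by truthiness while `code` goes through `is_empty()`, so a request that supplies only `username` reads an unset `uid` key, and a uid of `0` or `"0"` silently falls through to the username branch. Using the same helper for all three, `if (!is_empty($VARS['uid'])) {` and `} else if (!is_empty($VARS['username'])) {`, keeps the checks consistent; how `is_empty` treats unset keys is not visible here. The distinct "user does not exist" reply also lets any caller of this endpoint tell existing accounts from missing ones, and whether that is acceptable depends on the API authentication, which is outside the hunk. The enclosing `switch` starts and ends outside the hunk.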

Binair bestand niet weergegeven.

@ -236,6 +236,25 @@ function get_account_status($username, &$error) {
}
}
/**
* Check if the given username has the given permission (or admin access)
* @global $database $database
* @param string $username
* @param string $permcode
* @return boolean TRUE if the user has the permission (or admin access), else FALSE
*/
function account_has_permission($username, $permcode) {
global $database;
return $database->has('assigned_permissions', [
'[>]accounts' => [
'uid' => 'uid'
],
'[>]permissions' => [
'permid' => 'permid'
]
], ['AND' => ['OR' => ['permcode' => $permcode, 'permcode' => 'ADMIN'], 'username' => $username]]) === TRUE;
}
////////////////////////////////////////////////////////////////////////////////
// Login handling //
////////////////////////////////////////////////////////////////////////////////
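Review bot: In `account_has_permission`, the `'OR'` array repeats the key `permcode`, and PHP keeps only the last value for a duplicate key in an array literal, so the condition reduces to `permcode = 'ADMIN'` and `$permcode` is never compared. A user who holds the requested permission but not ADMIN is therefore reported as lacking it, and every caller that relies on this check for authorization inherits the wrong answer. Passing both values under one key, `'permcode' => [$permcode, 'ADMIN']`, should give the intended match, assuming `$database` is Medoo as the `[>]` join syntax suggests. A test with a non-admin account holding exactly one permission would pin the behaviour.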
