twisterarmy/twister
1
0
Fork 0
mirror of https://github.com/twisterarmy/twister.git synced 2025-03-13 05:41:22 +00:00
Code Issues Projects Releases Wiki Activity

Browse Source
This commit is contained in:
therselman 2017-08-04 06:47:53 +02:00
parent b7d7c9271a
commit 765c631803
3 changed files with 104 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/Response.php
View File

@ -40,9 +40,10 @@ class Response
$paths = $c->config['paths']; $paths = $c->config['paths'];
// Load layout/template specific default configuration //
//(require __DIR__ . '/../layouts/' . $layout . '.php')($this); // requires Less!?!? WHY??? // Load layout
(require $paths['layouts'] . $layout . '.php')($this); // requires Less!?!? WHY??? //
(require $paths['layouts'] . $layout . '.php')($this);
// Load route specific page configuration // Load route specific page configuration
if (is_string($mixed)) if (is_string($mixed))
@ -68,7 +69,7 @@ class Response
$path = $paths['elements']; $path = $paths['elements'];
// //
// Process Element Initialization // Execute Element Init
// //
foreach ($this->elements as $element) foreach ($this->elements as $element)
{ {

41
src/Session.php
View File

@ -6,15 +6,52 @@ class Session
{ {
private static $_db = null; private static $_db = null;
function __construct(DB &$db) function __construct(Db &$db)
{ {
session_set_save_handler('Session::open', 'Session::close', 'Session::read', 'Session::write', 'Session::destroy', 'Session::gc'); session_set_save_handler('Session::open', 'Session::close', 'Session::read', 'Session::write', 'Session::destroy', 'Session::gc');
register_shutdown_function('session_write_close'); // register_shutdown_function('session_write_close');
session_set_cookie_params(0, '/', null, true, true); session_set_cookie_params(0, '/', null, true, true);
self::$_db = $db; self::$_db = $db;
session_start(); session_start();
} }
function __destruct()
{
session_write_close();
}
/**
* Get member by id/index
*
* @param string|int $key
* @return mixed
*/
public function __get($key)
{
return $_SESSION[$key];
}
/**
* Set member by id/index
*
* @param string|int $key
* @param mixed $value
* @return void
*/
public function __set($key, $value)
{
$_SESSION[$key] = $value;
}
function __isset($key)
{
return isset($_SESSION[$key]);
}
function __unset($key)
{
unset($_SESSION[$key]);
}
static function open($sp, $sn) static function open($sp, $sn)
{ {
return true; return true;

79
src/User.php
View File

@ -4,37 +4,60 @@ namespace Twister;
class User class User
{ {
private $container = null;
public $id = 0; public $id = 0;
private $_properties = null; private $_properties = null;
private $_db = null; private $_db = null;
private $_permissions = null; private $_permissions = null;
function __construct(db &$db) function __construct(Container &$c, $id = 0)
{ {
$this->_db = $db; $this->container = $c;
if (isset($_SESSION['id'])) $this->_db = $c->db;
$this->id = $id;
if ($id)
{ {
$this->id = $_SESSION['id'];
// $this->load_config();
// $this->load_profile();
$this->load_permissions(); $this->load_permissions();
} }
// else
// $this->id = false;
// TODO: This section needs work!
else if (/*request::$https && */ isset($_COOKIE['HTTPS_ONLY'])) // NOTE: We should ALREADY be on request::$https!!! Because it's checked before user::init() is called!
{ // We need to redirect to the user login page ... and stop there! ... actually ... we are just gonna clear the HTTPS_ONLY cookie, because the user.id is no longer valid!
// redirect('/login?next=' . urlencode(env::canonical('https:')) . '&message=session-expired'); // `URI request too long` ... basically it goes into an infinite loop!
setcookie('HTTPS_ONLY', null, -1, '/');
unset($_COOKIE['HTTPS_ONLY']);
// env::https_redirect('/login?next=' . url_encode(...)); // User session probably expired! maybe we should show a message in /login and unset the cookie there! Like `Your session has expired please login again!` or whatever!
}
} }
private static function load_permissions() /**
* Get member by id/index
*
* @param string|int $key
* @return mixed
*/
public function __get($key)
{ {
self::$_permissions = $this->_db->get_array( 'SELECT SQL_CACHE ' . // cached because these tables are less frequenty updated! return $this->_properties[$key];
}
/**
* Set member by id/index
*
* @param string|int $key
* @param mixed $value
* @return void
*/
public function __set($key, $value)
{
$this->_properties[$key] = $value;
}
function __isset($key)
{
return isset($this->_properties[$key]);
}
function __unset($key)
{
unset($this->_properties[$key]);
}
private function load_permissions()
{
$this->_permissions = $this->_db->get_array( 'SELECT SQL_CACHE ' . // cached because these tables are less frequenty updated!
'g.alias as g_alias,' . 'g.alias as g_alias,' .
'p.alias as p_alias,' . 'p.alias as p_alias,' .
'acl.object_id' . 'acl.object_id' .
@ -43,27 +66,27 @@ class User
' JOIN acl_groups g ON g.id = p.group_id' . ' JOIN acl_groups g ON g.id = p.group_id' .
' WHERE acl.user_id = ' . $this->id . ' WHERE acl.user_id = ' . $this->id .
' AND acl.disabled = 0', ' AND acl.disabled = 0',
array('g_alias', 'p_alias', 'object_id'), array('object_id')); ['g_alias', 'p_alias', 'object_id'], ['object_id']);
} }
static function permission($group_alias, $permission_alias, $query_data = null, $object = 0) function permission($group_alias, $permission_alias, $query_data = null, $object = 0)
{ {
if (!is_array($object)) if (!is_array($object))
{ {
if (isset(self::$_permissions[$group_alias][$permission_alias][$object])) return true; if (isset($this->_permissions[$group_alias][$permission_alias][$object])) return true;
} }
else // used when we want to specify default zero OR a value ... eg. array(0, 13); else // used when we want to specify default zero OR a value ... eg. array(0, 13);
foreach ($object as $obj) if (isset(self::$_permissions[$group_alias][$permission_alias][$obj])) return true; foreach ($object as $obj) if (isset($this->_permissions[$group_alias][$permission_alias][$obj])) return true;
if (isset(self::$_permissions['administrators']['super'])) return true; // super-admin bypass! if (isset($this->_permissions['administrators']['super'])) return true; // super-admin bypass!
if (isset($query_data)) if (isset($query_data))
{ {
if (is_string($query_data)) $query_data = array('next' => $query_data); if (is_string($query_data)) $query_data = ['next' => $query_data];
$query_data['warning'] = 'Protected Area! Login with relevant permissions required!'; // <== TODO: Translate this!!! Or send a constant! $query_data['warning'] = 'Protected Area! Login with relevant permissions required!'; // <== TODO: Translate this!!! Or send a constant!
redirect('/login', $query_data); $this->container->request->redirect('/login', $query_data);
} }
return false; return false;
} }
static function permissions($group_alias, $permission_alias) function permissions($group_alias, $permission_alias)
{ {
return isset(self::$_permissions[$group_alias][$permission_alias]) ? array_keys(self::$_permissions[$group_alias][$permission_alias]) : array(); return isset($this->_permissions[$group_alias][$permission_alias]) ? array_keys($this->_permissions[$group_alias][$permission_alias]) : array();
} }
} }