/**
 * Check that a user is logged in and, optionally, holds a named permission.
 *
 * When $redirect is enabled, a failed check stores a one-time error message in
 * the session and hands off to NekoPHP::redirect(); in that case the value
 * returned is whatever NekoPHP::redirect() returns.
 *
 * @param \NekoPHP\Modules\User\Models\User $user       anything that is not an instance of this class counts as "not logged in"
 * @param string                            $permission permission name, appended to "get" to pick the getter called on
 *                                                      $user->getPermissions(); null means "being logged in is enough"
 * @param bool                              $redirect   redirect (login page or base URL) instead of only returning false
 * @return bool true when the check passes, false when it fails and no redirect was requested
 */
public static function checkPermission($user, $permission = null, $redirect = false)
{
    // Step 1: authentication. Only an instance of this class is a logged-in user.
    if (!($user instanceof self)) {
        if (!$redirect) {
            return false;
        }

        // NOTE(review): the stored URL is presumably the post-login destination.
        // The code that reads 'login-redirect-to' should confirm it points at
        // this site before redirecting to it; that consumer is not visible here.
        Session::setOnce('login-redirect-to', NekoPHP::getCurrentUrl());
        Session::setOnce('error', 'You must be logged in to view this page');

        return NekoPHP::redirect(NekoPHP::getBaseUrl() . '/user/login');
    }

    // Step 2: no specific permission requested, so authentication was the whole check.
    if ($permission === null) {
        return true;
    }

    // Step 3: authorization. The getter name is assembled at runtime from
    // $permission and its result is evaluated for truthiness.
    // NOTE(review): callers should pass fixed, code-defined permission names
    // only; a request-derived value would decide which getter gates access.
    // An unknown name is not handled here, so it depends on how the
    // permissions object reacts to a missing method.
    $getter = 'get' . $permission;
    $granted = $user->getPermissions()->{$getter}();
    if ($granted) {
        return true;
    }

    if (!$redirect) {
        return false;
    }

    Session::setOnce('error', 'You do not have permission to view this page');

    return NekoPHP::redirect(NekoPHP::getBaseUrl());
}
/**
 * Prepare the session, the Twig environment and the current user for a request.
 *
 * @return array{cuser: \NekoPHP\Modules\User\Models\User|null, twig: \Twig_Environment}
 *         'cuser' is null when the session holds no positive user_id
 */
public static function before()
{
    // The session has to be initialised before any Session::get()/getOnce() call below.
    Session::init();

    // Twig is created without an options array, so the library defaults apply.
    $loader = new \Twig_Loader_Filesystem();
    $twig = new \Twig_Environment($loader);
    $loader->addPath(__DIR__ . '/Twig');
    $twig->addGlobal('asset', Settings::load('settings')->get('asset-url'));
    $twig->addGlobal('base_url', NekoPHP::getBaseUrl());

    // Resolve the current user from the session and expose it to templates.
    // NOTE(review): `> 0` is a loose comparison and assumes the session stores
    // an integer id. The User object is built directly from that id; nothing
    // visible here confirms the account still exists or is still enabled.
    $currentUser = null;
    $sessionUserId = Session::get('user_id');
    if ($sessionUserId > 0) {
        $currentUser = new \NekoPHP\Modules\User\Models\User($sessionUserId);
        $twig->addGlobal('cuser', $currentUser);
    }

    // One-time alerts become alert_<level> template globals. Their text comes
    // from whoever called Session::setOnce(), so templates should leave them
    // to Twig's output escaping rather than print them raw.
    foreach (['success', 'info', 'warning', 'error'] as $level) {
        if (!Session::existsOnce($level)) {
            continue;
        }
        $twig->addGlobal('alert_' . $level, Session::getOnce($level));
    }

    return ['cuser' => $currentUser, 'twig' => $twig];
}
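/**
 * Log the current user out and redirect.
 *
 * A visitor without a session user_id gets a one-time warning and is sent to
 * the module's login page. Otherwise user_id is cleared, a one-time success
 * message is stored and the visitor is sent to the base URL.
 *
 * @param string[] $parts not used by this action
 * @param string[] $mod   not used by this action
 * @return void the response is the redirect; no value is returned
 */
public static function main($parts, $mod)
{
    if (Session::get('user_id') === null) {
        Session::setOnce('warning', "You aren't logged in");
        NekoPHP::redirect(NekoPHP::getModuleUrl() . '/login');

        // Stop here. Without this return, and if NekoPHP::redirect() does not
        // end the request itself, execution fell through to the logout branch:
        // the visitor got a "logged out" success message and a second redirect
        // replaced the one to the login page.
        return;
    }

    // NOTE(review): only user_id is cleared. The session identifier and every
    // other session value stay as they were. If Session wraps PHP's native
    // sessions, logout should also rotate or destroy the session; confirm what
    // the Session class offers for that.
    // NOTE(review): no request-method or token check is visible in this action;
    // confirm the router does not let a cross-site request trigger the logout.
    Session::set('user_id', null);
    Session::setOnce('success', 'You have been logged out');
    NekoPHP::redirect(NekoPHP::getBaseUrl());
}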