/**
* Sends a standard {"error":X} JSON Object
* @param int $e Error code
*/
public function sendError($e, $code = 401)
{
Core\Context::setHeaderCode($code);
$this->send(array('error' => $e));
exit;
}
/**
* <p><b>Must be called AFTER Core\Auth::login()</b></p>
* Allows access only to logged users that have a level equal to or less than provided role. If permission is nsot granted, it will automatically redirect the user to the login module.
* <p><b>Note that while it's doing all login/auth/redirection work automatically, you still have to create the corresponding user table in your database in addition to provide the login module into orion's module directory.</b></p>
* @see Core\Auth
* MainConfig
* LoginModule
* @param string $slug the role identifier (ie: 'administrator', 'member', etc.). See your configuration file for a liste of roles and their permission level.
* @return bool TRUE if user has the permission, FALSE otherwise (even if redirected)
*/
public static function allow($slug, $noredirect = false)
{
if (!self::logged()) {
self::login();
}
$roles = \Orion::config()->get('AUTH_ROLES');
if (!array_key_exists($slug, $roles)) {
throw new Exception('Unable to restrict access, role [' . $slug . '] does not exist.', E_USER_ERROR, __CLASS__);
}
if (self::$user == null || empty(self::$user->level) || self::$user->level <= 0) {
throw new Exception('Missing user information. See Core\\Auth for more info.', E_USER_ERROR, __CLASS__);
}
if (self::$user->level > $roles[$slug]) {
Context::setHeaderCode(403);
if (!$noredirect) {
Context::redirect(Context::genModuleURL('users', 'error-' . self::E_LEVEL_RESTRICT, 'default'));
}
return false;
} else {
return true;
}
}
