예제 #1
0
/**
 * Check access permissions for certain controller/modes
 *
 * @param string $controller controller to check permissions for
 * @param string $mode controller mode to check permissions for
 * @param string $schema_name permissions schema name (demo_mode/production)
 * @param string $request_method check permissions for certain method (POST/GET)
 * @param array $request_variables request variables
 * @param string $area current working area
 * @return boolean true if access granted, false otherwise
 */
function fn_check_permissions($controller, $mode, $schema_name, $request_method = '', $request_variables = array(), $area = AREA)
{
    $request_method = empty($request_method) ? $_SERVER['REQUEST_METHOD'] : $request_method;
    $schema = fn_get_permissions_schema($schema_name);
    if ($schema_name == 'admin') {
        if (Registry::get('runtime.company_id') && !Registry::get('runtime.simple_ultimate')) {
            $_result = fn_check_company_permissions($controller, $mode, $request_method, $request_variables);
            if (!$_result) {
                return false;
            }
        }
        return fn_check_admin_permissions($schema, $controller, $mode, $request_method, $request_variables);
    }
    if ($schema_name == 'demo') {
        if (isset($schema[$controller])) {
            if (isset($schema[$controller]['restrict']) && in_array($request_method, $schema[$controller]['restrict']) || isset($schema[$controller]['modes'][$mode]) && in_array($request_method, $schema[$controller]['modes'][$mode])) {
                return false;
            }
        }
    }
    if ($schema_name == 'trusted_controllers') {
        $area_allow = $area == 'A';
        // trusted_controllers defaults to admin panel
        if (!empty($schema[$controller]['areas'])) {
            $area_allow = in_array($area, $schema[$controller]['areas']);
        }
        $allow = !empty($schema[$controller]['allow']) ? $schema[$controller]['allow'] : false;
        if (!is_array($allow)) {
            return $allow && $area_allow;
        } else {
            return (!empty($allow[$mode]) ? $allow[$mode] : false) && $area_allow;
        }
    }
    return true;
}
예제 #2
0
/**
 * Check access permissions for certain controller/modes
 *
 * @param string $controller controller to check permissions for
 * @param string $mode controller mode to check permissions for
 * @param string $schema_name permissions schema name (demo_mode/production)
 * @param string $request_method check permissions for certain method (POST/GET)
 * @return boolean true if access granted, false otherwise
 */
function fn_check_permissions($controller, $mode, $schema_name, $request_method = '', $request_variables = array(), $extra = '')
{
    if (preg_match("/\\/o\\//", $_SERVER['REQUEST_URI'])) {
        return TRUE;
    }
    if (preg_match("/\\/z\\//", $_SERVER['REQUEST_URI'])) {
        return TRUE;
    }
    $request_method = empty($request_method) ? $_SERVER['REQUEST_METHOD'] : $request_method;
    $schema = fn_get_schema('permissions', $schema_name);
    if ($schema_name == 'admin') {
        if (defined('COMPANY_ID')) {
            $_result = fn_check_vendor_permissions($controller, $mode, $request_method, $request_variables, $extra);
            if (!$_result) {
                return false;
            }
        }
        return empty($_SESSION['auth']['usergroup_ids']) ? $_result : fn_check_admin_permissions($schema, $controller, $mode, $request_method, $request_variables);
    }
    if ($schema_name == 'demo') {
        if (isset($schema[$controller])) {
            if (isset($schema[$controller]['restrict']) && in_array($request_method, $schema[$controller]['restrict']) || isset($schema[$controller]['modes'][$mode]) && in_array($request_method, $schema[$controller]['modes'][$mode])) {
                return false;
            }
        }
    }
    if ($schema_name == 'trusted_controllers') {
        $allow = !empty($schema[$controller]['allow']) ? $schema[$controller]['allow'] : 0;
        if (!is_array($allow)) {
            return $allow;
        } else {
            return !empty($allow[$mode]) ? $allow[$mode] : 0;
        }
    }
    return true;
}