示例#1
0
<?php

/* Codeine
 * @author bergstein@trickyplan.com
 * @description  
 * @package Codeine
 * @version 8.x
 */
setFn('Do', function ($Call) {
    if (isset($Call['Request'])) {
        foreach ($Call['HTTP']['Filter']['Request']['Rules'] as $FilterName => $Filter) {
            foreach ($Filter['Match'] as $Match) {
                if (F::Diff($Match, $Call['Request']) === null) {
                    if ($Filter['Decision']) {
                    } else {
                        F::Log('HTTP Request Filter *' . $FilterName . '* matched', LOG_WARNING, 'Security');
                        return false;
                    }
                }
            }
        }
    }
    return true;
});
示例#2
0
setFn('Route', function ($Call) {
    if (isset($Call['Static'])) {
    } else {
        $Call['Static'] = $Call['Links'];
        // FIXME
        F::Log('«Links» now «Static», please replace', LOG_WARNING);
    }
    if (strpos($Call['Run'], '?')) {
        list($Call['Run']) = explode('?', $Call['Run']);
    }
    if (isset($Call['Static'])) {
        if (is_string($Call['Run']) && isset($Call['Static'][$Call['Run']])) {
            if (isset($Rule['Debug']) && $Rule['Debug'] === true) {
                d(__FILE__, __LINE__, $Rule);
            }
            $Call['Run'] = $Call['Static'][$Call['Run']];
        }
    }
    unset($Call['Static']);
    return $Call;
});
setFn('Reverse', function ($Call) {
    if (isset($Call['Static'])) {
        foreach ($Call['Static'] as $Link => $Run) {
            if (F::Diff($Call['Run'], $Run) == null) {
                $Call['Link'] = $Link;
            }
        }
    }
    return $Call;
});
示例#3
0
<?php

/* Codeine
 * @author bergstein@trickyplan.com
 * @description  
 * @package Codeine
 * @version 8.x
 */
setFn('Start', function ($Call) {
    foreach ($Call['QoS']['Rules'] as $Name => $Rule) {
        if ($Rule['Weight'] >= $Call['QoS']['Weight']) {
            if (isset($Rule['Run']) && F::Diff($Rule['Run'], $Call) === null) {
                $Call['QoS']['Class'] = $Rule['Class'];
                $Call['QoS']['Weight'] = $Rule['Weight'];
            }
        }
    }
    return $Call;
});
setFn('Finish', function ($Call) {
    return $Call;
});
示例#4
0
             }
         }
         if (!isset($Rule['Weight'])) {
             $Rule['Weight'] = $Call['Weight'];
         }
         if ($Rule['Weight'] >= $Call['Weight']) {
             if (isset($Rule['Run']) && F::Diff($Rule['Run'], $Call) === null) {
                 if (!isset($Rule['Expression']) || F::Live($Rule['Expression'], $Call)) {
                     F::Log('Rule ' . $Name . ' applied', LOG_DEBUG, 'Security');
                     $Call['Decision'] = $Rule['Decision'];
                     $Call['Weight'] = $Rule['Weight'];
                     $Call['Rule'] = $Name;
                 }
             } else {
                 if (isset($Rule['Debug'])) {
                     F::Log('Diff ' . $Name . ' (Rule, Call)' . j(F::Diff($Rule['Run'], $Call)), LOG_INFO, 'Security');
                 }
             }
             if (isset($Call['Service']) && isset($Rule['Run']['Service']) && isset($Rule['Run']['Method']) && isset($Rule['Message'])) {
                 if ($Call['Service'] == $Rule['Run']['Service'] && $Call['Method'] == $Rule['Run']['Method']) {
                     $Call['Message'] = $Rule['Message'];
                 }
             }
         }
     }
 } else {
     F::Log('No rules loaded', LOG_WARNING);
 }
 if (isset($Call['Rule'])) {
     F::Log('Rule *' . $Call['Rule'] . '* decision *' . $Call['Decision'] . '* with weight ' . $Call['Weight'], LOG_INFO, 'Security');
 }
示例#5
0
<?php

/* Codeine
 * @author bergstein@trickyplan.com
 * @description  
 * @package Codeine
 * @version 8.x
 */
setFn('Check', function ($Call) {
    // Определить право
    foreach ($Call['Rights'] as $RID => $Right) {
        if (F::Diff($Right, $Call) === null) {
            $Call['Right'] = $RID;
            break;
        }
    }
    // Определить роль
    if (isset($Call['Session']['User']['Role'])) {
        $Call['Role'] = F::Merge($Call['Role'], $Call['Session']['User']['Role']);
    }
    // Проверить, если доступно
    if (isset($Call['Right'])) {
        foreach ($Call['Role'] as $Role) {
            if (isset($Call['Roles'][$Role])) {
                if (isset($Call['Roles'][$Role]['Rights'][$Call['Right']])) {
                    $Call['Decision'] = $Call['Roles'][$Role]['Rights'][$Call['Right']];
                } else {
                    F::Log('Permission for ' . $Call['Right'] . ' not configured', LOG_WARNING);
                }
            } else {
                F::Log('Unknown role', LOG_WARNING);
示例#6
0
<?php

/* Codeine
 * @author bergstein@trickyplan.com
 * @description  
 * @package Codeine
 * @version 8.x
 */
setFn('Check', function ($Call) {
    if (isset($Call['Session']['User']['Rights'])) {
        $UserRights = (array) explode(',', $Call['Session']['User']['Rights']);
    } else {
        $UserRights = [];
    }
    if (!empty($UserRights)) {
        foreach ($Call['Access']['Rights'] as $Name => $Rule) {
            if (($Diff = F::Diff($Rule, $Call['Run'])) === null) {
                $Call['Decision'] = in_array($Name, $UserRights);
                F::Log('Right applied: ' . $Name, LOG_INFO);
                break;
            }
        }
        F::Log('Final decision:' . ($Call['Decision'] ? 'Allow' : 'Deny'), LOG_INFO);
    }
    return $Call;
});