Change permission check from int to string

This commit is contained in:
Dennis Eichhorn 2018-03-09 22:26:22 +01:00
parent d3d513812f
commit a9ab7af658
4 changed files with 48 additions and 35 deletions


@ -10,7 +10,7 @@
"icon": "fa fa-lock",
"order": 1,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 0,
"children": [
{
@ -24,7 +24,7 @@
"icon": null,
"order": 1,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000101001,
"children": []
},
@ -39,7 +39,7 @@
"icon": null,
"order": 2,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000101001,
"children": [
{
@ -53,7 +53,7 @@
"icon": null,
"order": 1,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000103001,
"children": []
},
@ -68,7 +68,7 @@
"icon": null,
"order": 5,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000103001,
"children": []
}
@ -85,7 +85,7 @@
"icon": null,
"order": 3,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000101001,
"children": [
{
@ -99,7 +99,7 @@
"icon": null,
"order": 1,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000104001,
"children": []
},
@ -114,7 +114,7 @@
"icon": null,
"order": 5,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000104001,
"children": []
}
@ -131,7 +131,7 @@
"icon": null,
"order": 4,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000101001,
"children": [
{
@ -145,7 +145,7 @@
"icon": null,
"order": 4,
"from": "Admin",
"permission": null,
"permission": { "type": null, "element": null },
"parent": 1000105001,
"children": []
}


@ -120,7 +120,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::SETTINGS)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -161,7 +161,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -193,7 +193,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -234,7 +234,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -264,7 +264,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -295,7 +295,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -336,7 +336,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -366,7 +366,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::MODULE)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::MODULE)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -395,7 +395,7 @@ class Controller extends ModuleAbstract implements WebInterface
$view = new View($this->app, $request, $response);
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::MODULE)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::MODULE)
) {
$view->setTemplate('/Web/Backend/Error/403_inline');
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -421,7 +421,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiSettingsGet(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::SETTINGS)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
) {
$response->set('settings_read', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -445,7 +445,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiSettingsSet(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::SETTINGS)
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::SETTINGS)
) {
$response->set('settings_update', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -474,7 +474,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiGroupGet(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$response->set('group_read', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -504,7 +504,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiGroupUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$response->set('group_update', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -580,7 +580,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiGroupCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$response->set('group_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -639,7 +639,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiGroupDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::GROUP)
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::GROUP)
) {
$response->set('group_delete', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -671,7 +671,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiAccountGet(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$response->set('account_read', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -701,7 +701,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiAccountFind(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::READ, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$response->set('account_find', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -750,7 +750,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiAccountCreate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::CREATE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$response->set('account_create', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -812,7 +812,7 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiAccountDelete(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::DELETE, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$response->set('account_delete', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
@ -844,14 +844,14 @@ class Controller extends ModuleAbstract implements WebInterface
public function apiAccountUpdate(RequestAbstract $request, ResponseAbstract $response, $data = null) /* : void */
{
if (!$this->app->accountManager->get($request->getHeader()->getAccount())->hasPermission(
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_ID, PermissionState::ACCOUNT)
PermissionType::MODIFY, $this->app->orgId, $this->app->appName, self::MODULE_NAME, PermissionState::ACCOUNT)
) {
$response->set('account_update', null);
$response->getHeader()->setStatusCode(RequestStatusCode::R_403);
return;
}
$account = $this->updateAccountFromRequest($request);
$account = $this->updateAccountFromRequest($request, true);
$status = AccountMapper::update($account);
$response->set($request->getUri()->__toString(), [
@ -865,13 +865,14 @@ class Controller extends ModuleAbstract implements WebInterface
/**
* Method to update an account from a request
*
* @param RequestAbstract $request Request
* @param RequestAbstract $request Request
* @param bool $allowPassword Allow to change password
*
* @return Account
*
* @since 1.0.0
*/
private function updateAccountFromRequest(RequestAbstract $request) : Account
private function updateAccountFromRequest(RequestAbstract $request, bool $allowPassword = false) : Account
{
$account = AccountMapper::get((int) ($request->getData('id')));
$account->setName((string) ($request->getData('login') ?? $account->getName()));
@ -882,6 +883,10 @@ class Controller extends ModuleAbstract implements WebInterface
$account->setStatus((int) ($request->getData('status') ?? $account->getStatus()));
$account->setType((int) ($request->getData('type') ?? $account->getType()));
if ($allowPassword && !empty($request->getData('password'))) {
$account->generatePassword((string) $request->getData('password'));
}
return $account;
}
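Review bot: `!empty($request->getData('password'))` on the new line in the last hunk uses `empty()`, which also treats the string `"0"` as absent, so a submitted password of `0` is silently ignored rather than applied; `if ($allowPassword && $request->getData('password') !== null && $request->getData('password') !== '') {` tests for an actually missing value. With `apiAccountUpdate` now passing `true`, any caller holding MODIFY on ACCOUNT replaces the password of whichever account `id` the request names, with nothing beyond the 403 gate earlier in this section standing between the request and the write; it is worth confirming that `generatePassword` stores a `password_hash()` result, since `AccountMapper::login` verifies with `password_verify`, and that the change is recorded for audit. `updateAccountFromRequest` is cut across the two final hunks: its signature is in the `@ -865` hunk and its body continues into the `@ -882` one.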


@ -105,6 +105,10 @@ class AccountMapper extends DataMapperAbstract
*/
public static function login(string $login, string $password) : int
{
if (empty($password)) {
return LoginReturnType::WRONG_PASSWORD;
}
try {
$result = null;
@ -137,6 +141,10 @@ class AccountMapper extends DataMapperAbstract
return LoginReturnType::WRONG_INPUT_EXCEEDED;
}
if (empty($result['account_password'])) {
return LoginReturnType::EMPTY_PASSWORD;
}
if (password_verify($password, $result['account_password'])) {
return $result['account_id'];
}
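Review bot: Both new guards use `empty()`, so a supplied password of `"0"` in the first hunk is rejected as `WRONG_PASSWORD` before it is ever compared, and a stored hash of `"0"` in the second would be reported as `EMPTY_PASSWORD`; `if ($password === '') {` and `if ($result['account_password'] === null || $result['account_password'] === '') {` test for genuinely missing values. Returning the distinct `LoginReturnType::EMPTY_PASSWORD` code to an unauthenticated caller reveals that the login exists but has no usable password, which is more account state than a generic wrong-password result gives away; if that code is surfaced to the client, consider mapping it to the same response as `WRONG_PASSWORD` at the boundary and keeping the distinction for the server-side log only. `login()` begins in the first hunk and its body continues past the end of the second.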


@ -51,8 +51,8 @@ echo $this->getData('nav')->render(); ?>
<tr><td><input id="iName3" name="name3" type="text" placeholder="&#xf007; Duck" value="<?= $this->printHtml($account->getName3()); ?>">
<tr><td><label for="iEmail"><?= $this->getHtml('Email'); ?></label>
<tr><td><input id="iEmail" name="email" type="email" placeholder="&#xf0e0; d.duck@duckburg.com" value="<?= $this->printHtml($account->getEmail()); ?>">
<tr><td><label for="iPassword"><?= $this->getHtml('Name3'); ?></label>
<tr><td><input id="iPassword" name="password" type="text" placeholder="&#xf023; Pa55ssw0rd?">
<tr><td><label for="iPassword"><?= $this->getHtml('Password'); ?></label>
<tr><td><input id="iPassword" name="password" type="password" placeholder="&#xf023; Pa55ssw0rd?">
<tr><td><input id="account-edit-submit" name="editSubmit" type="submit" value="<?= $this->getHtml('Save', 0, 0); ?>">
</table>
</form>
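Review bot: The new password input has no `autocomplete` attribute, so a browser may autofill the signed-in administrator's own saved credentials into this edit-account form, and because the updated `apiAccountUpdate` in this commit applies any non-empty `password`, a routine save would then overwrite the edited account's password unnoticed; `<tr><td><input id="iPassword" name="password" type="password" autocomplete="new-password" placeholder="&#xf023; Pa55ssw0rd?">` tells the browser not to fill it. Switching the field to `type="password"` removes the plain-text display the old line had, which is the right call for a shared screen. The enclosing form starts before this hunk.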