From: Nik Okuntseff
Date: Mon, 12 Mar 2018 14:46:34 +0000 (+0000)
Subject: Started redoing access checks using role rights.
X-Git-Tag: timetracker_1.19-1~1052
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=718f61be021c6afa8ddd836e6f5cd9d76faf8530;p=timetracker.git
Started redoing access checks using role rights.
---
diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index ec21d675..56214922 100644
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -344,3 +344,25 @@ function ttAccessCheck($required_rights)
 return true;
 }
+
+// ttAccessAllowed checks whether user is allowed access to a particular page.
+// This function is a replacement for ttAccessCheck above as part of roles revamp.
+// To be used as an initial check on all publicly available pages
+// (except login.php and register.php where we don't have to check).
+function ttAccessAllowed($required_right)
+{
+ global $auth;
+ global $user;
+
+ // Redirect to login page if user is not authenticated.
+ if (!$auth->isAuthenticated()) {
+ header('Location: login.php');
+ exit();
+ }
+
+ // Check if user has the right.
+ if (in_array($required_right, $user->rights))
+ return true;
+
+ return false;
+}
\ No newline at end of file
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 42ecb58e..36dcb362 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
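Review bot: The lookup `if (in_array($required_right, $user->rights))` near the end of ttAccessAllowed compares loosely and assumes `$user->rights` is already an array; on PHP before 8 a non-string entry such as integer `0` in that array compares equal to any non-numeric right name, and a null `rights` property turns the decision into an in_array warning rather than an explicit deny. Tighten it to `if (is_array($user->rights) && in_array($required_right, $user->rights, true))` so only an exact string match grants access. The header comment should also spell out the contract callers depend on, e.g. `// Redirects to login.php and exits when not authenticated; otherwise returns true only if $required_right is present in $user->rights.` Note too that the new file ends without a trailing newline (`\ No newline at end of file`), which the previous revision appears to have had.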
-
 Anuko Time Tracker 1.17.38.4059 | Copyright © Anuko |
+  Anuko Time Tracker 1.17.39.4060 | Copyright © Anuko |
 {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve}
diff --git a/admin_options.php b/admin_options.php
index ae901d6d..6f812558 100644
--- a/admin_options.php
+++ b/admin_options.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttUserHelper');
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
 header('Location: access_denied.php');
 exit();
 }
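Review bot: The rewritten check passes the right as the bare string `'administer_site'` where the old line used the constant `right_administer_site`, so a misspelling at any of the call sites this revamp will touch is caught by nothing and simply denies access — fail-closed, but hard to diagnose and invisible to static tools. If the role revamp keeps a canonical list of right names, define them once (constants or class constants) and pass those here, so the name checked by `ttAccessAllowed(...)` and the values stored in `$user->rights` cannot drift apart. The `// Access check.` comment could also state the outcome rather than the activity: `// Deny (access_denied.php) unless the user holds the administer_site right.`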