<?php
declare(strict_types=1);
namespace Modules\Auth\Filters;
use App\Models\PodcastModel;
use CodeIgniter\Filters\FilterInterface;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\ResponseInterface;
use CodeIgniter\Shield\Exceptions\RuntimeException;
use Config\Services;
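class PermissionFilter implements FilterInterface
{
    /**
     * Enforces the permissions listed in the filter arguments before the request proceeds.
     *
     * Returns nothing when the request may proceed. When the visitor is not logged in, a redirect
     * to the login route is returned instead. When the logged-in user lacks any one of the listed
     * permissions, a RuntimeException with code 403 is thrown.
     *
     * A permission containing '#' is treated as podcast-specific: the '#' is expanded to
     * '#<podcast id>', with the id resolved from the first route parameter.
     *
     * NOTE(review): an empty $params list means no check at all, not even the login check. A route
     * that attaches this filter without arguments is therefore not protected by it; confirm that
     * this is intended for every route using the filter.
     *
     * @param string[]|null $params permissions that must ALL be granted to the current user
     *
     * @return void|mixed
     */
    public function before(RequestInterface $request, $params = null)
    {
        if (empty($params)) {
            return;
        }

        if (! function_exists('auth')) {
            helper('auth');
        }

        if (! auth()->loggedIn()) {
            return redirect()->to('login');
        }

        foreach ($params as $permission) {
            // Is the permission specific to a podcast?
            if (str_contains($permission, '#')) {
                $podcastId = $this->resolvePodcastId();

                if ($podcastId !== null) {
                    $permission = str_replace('#', '#' . $podcastId, $permission);
                }

                // NOTE(review): when the podcast cannot be resolved, the permission is checked with
                // its bare '#' placeholder. Denial then relies on can() finding no grant that
                // matches the unexpanded string; confirm that, or deny explicitly at this point.
            }

            // Every listed permission is required, so the first missing one settles the outcome.
            if (! auth()->user()->can($permission)) {
                throw new RuntimeException(lang('Auth.notEnoughPrivilege'), 403);
            }
        }
    }

    /**
     * Allows After filters to inspect and modify the response object as needed. This method does not allow any way to
     * stop execution of other after filters, short of throwing an Exception or Error.
     *
     * This filter does nothing after the request has been handled.
     *
     * @param string[]|null $arguments
     */
    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
    {
    }

    /**
     * Resolves the podcast id that a podcast-specific permission applies to, using the first
     * parameter of the matched route as either a numeric id or a podcast handle.
     *
     * @return int|null the podcast id, or null when the route has no first parameter or no podcast
     *                  matches the handle (presumably the model's id is an int; confirm on the entity)
     */
    private function resolvePodcastId()
    {
        // A route without parameters previously triggered an undefined-index access here.
        $routeParam = Services::router()->params()[0] ?? null;

        if ($routeParam === null) {
            return null;
        }

        // NOTE(review): is_numeric() also accepts forms such as "1e3", "1.5" or " 12", and the int
        // cast truncates them. If the route pattern does not restrict this segment to digits, the
        // id checked here could differ from the one the controller resolves; confirm the route
        // constraints.
        if (is_numeric($routeParam)) {
            return (int) $routeParam;
        }

        $podcast = (new PodcastModel())->getPodcastByHandle($routeParam);

        if ($podcast !== null) {
            return $podcast->id;
        }

        return null;
    }
}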