fix(auth): overwrite Shield's PermissionFilter
This commit is contained in:
Yassine Doghri
parent
d68595932a
commit
c6e8000bab
|
|
@ -29,7 +29,6 @@ class Filters extends BaseConfig
|
|||
'honeypot' => Honeypot::class,
|
||||
'invalidchars' => InvalidChars::class,
|
||||
'secureheaders' => SecureHeaders::class,
|
||||
'permission' => PermissionFilter::class,
|
||||
'fediverse' => FediverseFilter::class,
|
||||
'allow-cors' => AllowCorsFilter::class,
|
||||
'rest-api' => ApiFilter::class,
|
||||
|
|
@ -89,5 +88,7 @@ class Filters extends BaseConfig
|
|||
'before' => ['*@*/episodes/*'],
|
||||
],
|
||||
];
|
||||
|
||||
$this->aliases['permission'] = PermissionFilter::class;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,14 +6,46 @@ namespace Modules\Auth\Filters;
|
|||
|
||||
use App\Entities\Podcast;
|
||||
use App\Models\PodcastModel;
|
||||
use CodeIgniter\Shield\Filters\AbstractAuthFilter;
|
||||
use CodeIgniter\Filters\FilterInterface;
|
||||
use CodeIgniter\HTTP\RequestInterface;
|
||||
use CodeIgniter\HTTP\ResponseInterface;
|
||||
use Config\Services;
|
||||
use RuntimeException;
|
||||
|
||||
/**
|
||||
* Permission Authorization Filter.
|
||||
*/
|
||||
class PermissionFilter extends AbstractAuthFilter
|
||||
class PermissionFilter implements FilterInterface
|
||||
{
|
||||
/**
|
||||
* @param string[]|null $arguments
|
||||
* @return mixed
|
||||
*/
|
||||
public function before(RequestInterface $request, $arguments = null)
|
||||
{
|
||||
if ($arguments === null || $arguments === []) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (! auth()->loggedIn()) {
|
||||
return redirect()->route('login');
|
||||
}
|
||||
|
||||
if ($this->isAuthorized($arguments)) {
|
||||
return;
|
||||
}
|
||||
|
||||
throw new RuntimeException(lang('Auth.notEnoughPrivilege'), 403);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string[]|null $arguments
|
||||
* @return mixed
|
||||
*/
|
||||
public function after(RequestInterface $request, ResponseInterface $response, $arguments = null): void
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensures the user is logged in and has one or more
|
||||
* of the permissions as specified in the filter.
|
||||
|
|
|
|||
|
|
@ -85,7 +85,6 @@ return [
|
|||
// missing keys
|
||||
'code' => 'Your 6-digit code',
|
||||
|
||||
'notEnoughPrivilege' => 'You do not have sufficient permissions to access that page.',
|
||||
'set_password' => 'Set your password',
|
||||
|
||||
// Welcome email
|
||||
|
|
|
|||
Loading…
Reference in New Issue