Permission architecture implemented
This commit is contained in:
parent
e1a62442d9
commit
39d14451b2
|
@ -7,6 +7,7 @@ abstract class AbstractController
|
|||
protected string $route;
|
||||
protected ApiResponse $response;
|
||||
|
||||
protected Session $session;
|
||||
protected string $requestUrl;
|
||||
protected ?string $requestBody = null;
|
||||
protected ?string $contentType = null;
|
||||
|
@ -16,6 +17,7 @@ abstract class AbstractController
|
|||
{
|
||||
$this->requestUrl = $url;
|
||||
$this->response = new ApiResponse();
|
||||
$this->session = new Session();
|
||||
}
|
||||
|
||||
public function setRequestBody(string $contentType, string $content): void
|
||||
|
@ -56,6 +58,35 @@ abstract class AbstractController
|
|||
return $param !== null ? (int)$param : null;
|
||||
}
|
||||
|
||||
public function isUserLoggedIn(): bool
|
||||
{
|
||||
if (!$this->session->IsLoggedIn()) {
|
||||
$this->response = new ApiJsonResponse(ServerStatus::UNAUTHORIZED);
|
||||
|
||||
$this->response->setParameter('success', false);
|
||||
$this->response->setMessage('You are not logged in!');
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
public function hasUserPermission(int $userId): bool
|
||||
{
|
||||
$this->response = new ApiJsonResponse();
|
||||
|
||||
$hasPermission = $this->session->isAdmin() || $this->session->getUserId() === $userId;
|
||||
|
||||
if (!$hasPermission) {
|
||||
$this->response->setParameter('success', false);
|
||||
$this->response->setMessage('You don\'t have the permission to do that!');
|
||||
$this->response->setStatus(ServerStatus::UNAUTHORIZED);
|
||||
}
|
||||
|
||||
return $hasPermission;
|
||||
}
|
||||
|
||||
protected function validateJsonBody(): bool
|
||||
{
|
||||
if (count($this->mandatoryAttributes) === 0) {
|
||||
|
|
|
@ -11,7 +11,7 @@ final class Session
|
|||
private const IS_LOGGED_IN = 'is_logged_in';
|
||||
private const USER_ID = 'account_id';
|
||||
private const USERNAME = 'username';
|
||||
private const PERMISSION = 'permission';
|
||||
private const IS_ADMIN = 'admin';
|
||||
private const EMAIL = 'email';
|
||||
private const JABBER_ADDRESS = 'jabber';
|
||||
|
||||
|
@ -46,6 +46,7 @@ final class Session
|
|||
$this->SetString(self::USERNAME, $user->getUsername());
|
||||
$this->SetString(self::EMAIL, $user->getEmail());
|
||||
$this->SetString(self::JABBER_ADDRESS, $user->getJabberAddress());
|
||||
$this->SetBool(self::IS_ADMIN, $user->isAdmin());
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -95,9 +96,9 @@ final class Session
|
|||
return $this->GetInt(self::USER_ID);
|
||||
}
|
||||
|
||||
public function GetPermission(): ?int
|
||||
public function isAdmin(): bool
|
||||
{
|
||||
return $this->GetInt(self::PERMISSION);
|
||||
return $this->GetBool(self::IS_ADMIN);
|
||||
}
|
||||
|
||||
public static function HasSession(): bool
|
||||
|
|
|
@ -9,8 +9,9 @@ final class User extends MySqlTable implements JsonSerializable
|
|||
public const FIELD_PASSWORD = 'Password';
|
||||
public const FIELD_EMAIL = 'Email';
|
||||
public const FIELD_JABBER_ADDRESS = 'JabberAddress';
|
||||
public const FIELD_ADMIN = 'IsAdmin';
|
||||
|
||||
public function __construct($id = null, DatabaseInterface &$database = null)
|
||||
public function __construct($id = null, DatabaseInterface &$database = null)
|
||||
{
|
||||
parent::__construct(self::class, $id, $database);
|
||||
}
|
||||
|
@ -44,6 +45,11 @@ final class User extends MySqlTable implements JsonSerializable
|
|||
return $this->getField(self::FIELD_JABBER_ADDRESS);
|
||||
}
|
||||
|
||||
public function isAdmin(): bool
|
||||
{
|
||||
return $this->getField(self::FIELD_ADMIN);
|
||||
}
|
||||
|
||||
public function setUsername(string $username): void
|
||||
{
|
||||
$this->setField(self::FIELD_USERNAME, $username);
|
||||
|
@ -64,6 +70,11 @@ final class User extends MySqlTable implements JsonSerializable
|
|||
$this->setField(self::FIELD_JABBER_ADDRESS, $jabberAddress);
|
||||
}
|
||||
|
||||
public function setAdmin(bool $isAdmin): void
|
||||
{
|
||||
$this->setField(self::FIELD_ADMIN, $isAdmin);
|
||||
}
|
||||
|
||||
public static function getFromUsername(string $username, DatabaseInterface &$database = null): self
|
||||
{
|
||||
$databaseGiven = true;
|
||||
|
|
Loading…
Reference in New Issue