Moved authentication related macros out of MisuzuContext.
parent
73e4597e16
commit
15e96684c2
32 changed files with 132 additions and 120 deletions
|
@ -4,7 +4,8 @@ namespace Misuzu;
|
||||||
use Exception;
|
use Exception;
|
||||||
use Misuzu\Auth\AuthTokenCookie;
|
use Misuzu\Auth\AuthTokenCookie;
|
||||||
|
|
||||||
if($msz->isLoggedIn()) {
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if($authInfo->isLoggedIn()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -136,7 +137,7 @@ while(!empty($_POST['login']) && is_array($_POST['login'])) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder();
|
$tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
|
||||||
$tokenBuilder->setUserId($userInfo);
|
$tokenBuilder->setUserId($userInfo);
|
||||||
$tokenBuilder->setSessionToken($sessionInfo);
|
$tokenBuilder->setSessionToken($sessionInfo);
|
||||||
$tokenBuilder->removeImpersonatedUserId();
|
$tokenBuilder->removeImpersonatedUserId();
|
||||||
|
|
|
@ -3,13 +3,14 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Auth\AuthTokenCookie;
|
use Misuzu\Auth\AuthTokenCookie;
|
||||||
|
|
||||||
if($msz->isLoggedIn()) {
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if($authInfo->isLoggedIn()) {
|
||||||
if(!CSRF::validateRequest()) {
|
if(!CSRF::validateRequest()) {
|
||||||
Template::render('auth.logout');
|
Template::render('auth.logout');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$tokenInfo = $msz->getAuthInfo()->getTokenInfo();
|
$tokenInfo = $authInfo->getTokenInfo();
|
||||||
|
|
||||||
$msz->getSessions()->deleteSessions(sessionTokens: $tokenInfo->getSessionToken());
|
$msz->getSessions()->deleteSessions(sessionTokens: $tokenInfo->getSessionToken());
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,8 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
if($msz->isLoggedIn()) {
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if($authInfo->isLoggedIn()) {
|
||||||
url_redirect('settings-account');
|
url_redirect('settings-account');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,8 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
if($msz->isLoggedIn()) {
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if($authInfo->isLoggedIn()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,8 @@ use RuntimeException;
|
||||||
use Misuzu\TOTPGenerator;
|
use Misuzu\TOTPGenerator;
|
||||||
use Misuzu\Auth\AuthTokenCookie;
|
use Misuzu\Auth\AuthTokenCookie;
|
||||||
|
|
||||||
if($msz->isLoggedIn()) {
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if($authInfo->isLoggedIn()) {
|
||||||
url_redirect('index');
|
url_redirect('index');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -84,7 +85,7 @@ while(!empty($twofactor)) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder();
|
$tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
|
||||||
$tokenBuilder->setUserId($userInfo);
|
$tokenBuilder->setUserId($userInfo);
|
||||||
$tokenBuilder->setSessionToken($sessionInfo);
|
$tokenBuilder->setSessionToken($sessionInfo);
|
||||||
$tokenBuilder->removeImpersonatedUserId();
|
$tokenBuilder->removeImpersonatedUserId();
|
||||||
|
|
|
@ -3,6 +3,7 @@ namespace Misuzu;
|
||||||
|
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
|
$usersCtx = $msz->getUsersContext();
|
||||||
$redirect = filter_input(INPUT_GET, 'return') ?? $_SERVER['HTTP_REFERER'] ?? url('index');
|
$redirect = filter_input(INPUT_GET, 'return') ?? $_SERVER['HTTP_REFERER'] ?? url('index');
|
||||||
|
|
||||||
if(!is_local_url($redirect))
|
if(!is_local_url($redirect))
|
||||||
|
@ -11,16 +12,17 @@ if(!is_local_url($redirect))
|
||||||
if(!CSRF::validateRequest())
|
if(!CSRF::validateRequest())
|
||||||
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
|
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::displayInfo('You must be logged in to manage comments.', 403);
|
Template::displayInfo('You must be logged in to manage comments.', 403);
|
||||||
|
|
||||||
if($msz->hasActiveBan())
|
$currentUserInfo = $authInfo->getUserInfo();
|
||||||
|
|
||||||
|
if($usersCtx->hasActiveBan($currentUserInfo))
|
||||||
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
||||||
|
|
||||||
$currentUserInfo = $msz->getActiveUser();
|
|
||||||
|
|
||||||
$comments = $msz->getComments();
|
$comments = $msz->getComments();
|
||||||
$perms = $msz->getAuthInfo()->getPerms('global');
|
$perms = $authInfo->getPerms('global');
|
||||||
|
|
||||||
$commentId = (string)filter_input(INPUT_GET, 'c', FILTER_SANITIZE_NUMBER_INT);
|
$commentId = (string)filter_input(INPUT_GET, 'c', FILTER_SANITIZE_NUMBER_INT);
|
||||||
$commentMode = (string)filter_input(INPUT_GET, 'm');
|
$commentMode = (string)filter_input(INPUT_GET, 'm');
|
||||||
|
|
|
@ -15,15 +15,16 @@ try {
|
||||||
Template::throwError(404);
|
Template::throwError(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo);
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$perms = $authInfo->getPerms('forum', $categoryInfo);
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
||||||
|
|
||||||
if(!$perms->check(Perm::F_CATEGORY_VIEW))
|
if(!$perms->check(Perm::F_CATEGORY_VIEW))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
if($msz->hasActiveBan())
|
if($usersCtx->hasActiveBan($currentUser))
|
||||||
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
|
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
|
||||||
|
|
||||||
if($categoryInfo->isLink()) {
|
if($categoryInfo->isLink()) {
|
||||||
|
@ -52,7 +53,7 @@ if($categoryInfo->mayHaveChildren()) {
|
||||||
$children = $forum->getCategoryChildren($categoryInfo, hidden: false, asTree: true);
|
$children = $forum->getCategoryChildren($categoryInfo, hidden: false, asTree: true);
|
||||||
|
|
||||||
foreach($children as $childId => $child) {
|
foreach($children as $childId => $child) {
|
||||||
$childPerms = $msz->getAuthInfo()->getPerms('forum', $child->info);
|
$childPerms = $authInfo->getPerms('forum', $child->info);
|
||||||
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
|
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
|
||||||
unset($category->children[$childId]);
|
unset($category->children[$childId]);
|
||||||
continue;
|
continue;
|
||||||
|
@ -62,7 +63,7 @@ if($categoryInfo->mayHaveChildren()) {
|
||||||
|
|
||||||
if($child->info->mayHaveChildren()) {
|
if($child->info->mayHaveChildren()) {
|
||||||
foreach($child->children as $grandChildId => $grandChild) {
|
foreach($child->children as $grandChildId => $grandChild) {
|
||||||
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChild->info);
|
$grandChildPerms = $authInfo->getPerms('forum', $grandChild->info);
|
||||||
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
|
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
|
||||||
unset($child->children[$grandChildId]);
|
unset($child->children[$grandChildId]);
|
||||||
continue;
|
continue;
|
||||||
|
@ -73,7 +74,7 @@ if($categoryInfo->mayHaveChildren()) {
|
||||||
if($grandChild->info->mayHaveTopics()) {
|
if($grandChild->info->mayHaveTopics()) {
|
||||||
$catIds = [$grandChild->info->getId()];
|
$catIds = [$grandChild->info->getId()];
|
||||||
foreach($grandChild->childIds as $greatGrandChildId) {
|
foreach($grandChild->childIds as $greatGrandChildId) {
|
||||||
$greatGrandChildPerms = $msz->getAuthInfo()->getPerms('forum', $greatGrandChildId);
|
$greatGrandChildPerms = $authInfo->getPerms('forum', $greatGrandChildId);
|
||||||
if(!$greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
|
if(!$greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
|
||||||
$catIds[] = $greatGrandChildId;
|
$catIds[] = $greatGrandChildId;
|
||||||
}
|
}
|
||||||
|
@ -91,7 +92,7 @@ if($categoryInfo->mayHaveChildren()) {
|
||||||
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
|
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
|
||||||
$catIds = [$child->info->getId()];
|
$catIds = [$child->info->getId()];
|
||||||
foreach($child->childIds as $grandChildId) {
|
foreach($child->childIds as $grandChildId) {
|
||||||
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChildId);
|
$grandChildPerms = $authInfo->getPerms('forum', $grandChildId);
|
||||||
if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
|
if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
|
||||||
$catIds[] = $grandChildId;
|
$catIds[] = $grandChildId;
|
||||||
}
|
}
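Review bot: `if($usersCtx->hasActiveBan($currentUser))` is reached for guests as well, and `$currentUser` is null for them (the `$currentUserId` line just above handles exactly that case), so the ban restriction now depends on `hasActiveBan()` accepting a null user, which this page does not show; the replaced `$msz->hasActiveBan()` took no argument. If it does not accept null, guard the call with `if($currentUser !== null && $usersCtx->hasActiveBan($currentUser))`; the topic page makes the same call in its `@ -50,10` hunk. No hunk of this file shows `$usersCtx` being assigned, so it has to come from the lines above the first hunk. Unrelated to the rename, the great-grandchild loop in the `@ -73,7` hunk appends to `$catIds` when `!$greatGrandChildPerms->check(Perm::F_CATEGORY_LIST)`, while the grandchild loop below it and the index page append when the check passes; the negation looks inverted and would collect categories the viewer may not list.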
|
||||||
|
|
|
@ -8,11 +8,12 @@ $forum = $msz->getForum();
|
||||||
$usersCtx = $msz->getUsersContext();
|
$usersCtx = $msz->getUsersContext();
|
||||||
$mode = (string)filter_input(INPUT_GET, 'm');
|
$mode = (string)filter_input(INPUT_GET, 'm');
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
||||||
|
|
||||||
if($mode === 'mark') {
|
if($mode === 'mark') {
|
||||||
if(!$msz->isLoggedIn())
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$categoryId = filter_input(INPUT_GET, 'f', FILTER_SANITIZE_NUMBER_INT);
|
$categoryId = filter_input(INPUT_GET, 'f', FILTER_SANITIZE_NUMBER_INT);
|
||||||
|
@ -23,7 +24,7 @@ if($mode === 'mark') {
|
||||||
: $forum->getCategoryChildren(parentInfo: $categoryId, includeSelf: true);
|
: $forum->getCategoryChildren(parentInfo: $categoryId, includeSelf: true);
|
||||||
|
|
||||||
foreach($categoryInfos as $categoryInfo) {
|
foreach($categoryInfos as $categoryInfo) {
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo);
|
$perms = $authInfo->getPerms('forum', $categoryInfo);
|
||||||
if($perms->check(Perm::F_CATEGORY_LIST))
|
if($perms->check(Perm::F_CATEGORY_LIST))
|
||||||
$forum->updateUserReadCategory($userInfo, $categoryInfo);
|
$forum->updateUserReadCategory($userInfo, $categoryInfo);
|
||||||
}
|
}
|
||||||
|
@ -49,7 +50,7 @@ if($mode !== '')
|
||||||
$categories = $forum->getCategories(hidden: false, asTree: true);
|
$categories = $forum->getCategories(hidden: false, asTree: true);
|
||||||
|
|
||||||
foreach($categories as $categoryId => $category) {
|
foreach($categories as $categoryId => $category) {
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $category->info);
|
$perms = $authInfo->getPerms('forum', $category->info);
|
||||||
if(!$perms->check(Perm::F_CATEGORY_LIST)) {
|
if(!$perms->check(Perm::F_CATEGORY_LIST)) {
|
||||||
unset($categories[$categoryId]);
|
unset($categories[$categoryId]);
|
||||||
continue;
|
continue;
|
||||||
|
@ -59,7 +60,7 @@ foreach($categories as $categoryId => $category) {
|
||||||
|
|
||||||
if($category->info->mayHaveChildren())
|
if($category->info->mayHaveChildren())
|
||||||
foreach($category->children as $childId => $child) {
|
foreach($category->children as $childId => $child) {
|
||||||
$childPerms = $msz->getAuthInfo()->getPerms('forum', $child->info);
|
$childPerms = $authInfo->getPerms('forum', $child->info);
|
||||||
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
|
if(!$childPerms->check(Perm::F_CATEGORY_LIST)) {
|
||||||
unset($category->children[$childId]);
|
unset($category->children[$childId]);
|
||||||
continue;
|
continue;
|
||||||
|
@ -70,7 +71,7 @@ foreach($categories as $categoryId => $category) {
|
||||||
if($category->info->isListing()) {
|
if($category->info->isListing()) {
|
||||||
if($child->info->mayHaveChildren()) {
|
if($child->info->mayHaveChildren()) {
|
||||||
foreach($child->children as $grandChildId => $grandChild) {
|
foreach($child->children as $grandChildId => $grandChild) {
|
||||||
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChild->info);
|
$grandChildPerms = $authInfo->getPerms('forum', $grandChild->info);
|
||||||
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
|
if(!$grandChildPerms->check(Perm::F_CATEGORY_LIST)) {
|
||||||
unset($child->children[$grandChildId]);
|
unset($child->children[$grandChildId]);
|
||||||
continue;
|
continue;
|
||||||
|
@ -81,7 +82,7 @@ foreach($categories as $categoryId => $category) {
|
||||||
if($grandChild->info->mayHaveTopics()) {
|
if($grandChild->info->mayHaveTopics()) {
|
||||||
$catIds = [$grandChild->info->getId()];
|
$catIds = [$grandChild->info->getId()];
|
||||||
foreach($grandChild->childIds as $greatGrandChildId) {
|
foreach($grandChild->childIds as $greatGrandChildId) {
|
||||||
$greatGrandChildPerms = $msz->getAuthInfo()->getPerms('forum', $greatGrandChildId);
|
$greatGrandChildPerms = $authInfo->getPerms('forum', $greatGrandChildId);
|
||||||
if($greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
|
if($greatGrandChildPerms->check(Perm::F_CATEGORY_LIST))
|
||||||
$catIds[] = $greatGrandChildId;
|
$catIds[] = $greatGrandChildId;
|
||||||
}
|
}
|
||||||
|
@ -99,7 +100,7 @@ foreach($categories as $categoryId => $category) {
|
||||||
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
|
if($child->info->mayHaveChildren() || $child->info->mayHaveTopics()) {
|
||||||
$catIds = [$child->info->getId()];
|
$catIds = [$child->info->getId()];
|
||||||
foreach($child->childIds as $grandChildId) {
|
foreach($child->childIds as $grandChildId) {
|
||||||
$grandChildPerms = $msz->getAuthInfo()->getPerms('forum', $grandChildId);
|
$grandChildPerms = $authInfo->getPerms('forum', $grandChildId);
|
||||||
if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
|
if($grandChildPerms->check(Perm::F_CATEGORY_LIST))
|
||||||
$catIds[] = $grandChildId;
|
$catIds[] = $grandChildId;
|
||||||
}
|
}
|
||||||
|
@ -152,7 +153,7 @@ foreach($categories as $categoryId => $category) {
|
||||||
if($category->info->mayHaveChildren() || $category->info->mayHaveTopics()) {
|
if($category->info->mayHaveChildren() || $category->info->mayHaveTopics()) {
|
||||||
$catIds = [$category->info->getId()];
|
$catIds = [$category->info->getId()];
|
||||||
foreach($category->childIds as $childId) {
|
foreach($category->childIds as $childId) {
|
||||||
$childPerms = $msz->getAuthInfo()->getPerms('forum', $childId);
|
$childPerms = $authInfo->getPerms('forum', $childId);
|
||||||
if($childPerms->check(Perm::F_CATEGORY_LIST))
|
if($childPerms->check(Perm::F_CATEGORY_LIST))
|
||||||
$catIds[] = $childId;
|
$catIds[] = $childId;
|
||||||
}
|
}
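Review bot: `$forum->updateUserReadCategory($userInfo, $categoryInfo);` in the mark-as-read branch (the `@ -23,7` hunk) uses `$userInfo`, but the visible lines of this file only assign the signed-in user to `$currentUser`. Unless `$userInfo` is set in the lines not shown, the call should read `$forum->updateUserReadCategory($currentUser, $categoryInfo);`. The line predates this commit, but the hunk already touches the loop around it.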
|
||||||
|
|
|
@ -4,6 +4,7 @@ namespace Misuzu;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
$forum = $msz->getForum();
|
$forum = $msz->getForum();
|
||||||
|
$usersCtx = $msz->getUsersContext();
|
||||||
|
|
||||||
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
$postId = !empty($_GET['p']) && is_string($_GET['p']) ? (int)$_GET['p'] : 0;
|
||||||
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
$postMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
||||||
|
@ -11,13 +12,14 @@ $submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) &
|
||||||
|
|
||||||
$postRequestVerified = CSRF::validateRequest();
|
$postRequestVerified = CSRF::validateRequest();
|
||||||
|
|
||||||
if(!empty($postMode) && !$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!empty($postMode) && !$authInfo->isLoggedIn())
|
||||||
Template::displayInfo('You must be logged in to manage posts.', 401);
|
Template::displayInfo('You must be logged in to manage posts.', 401);
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
||||||
|
|
||||||
if($postMode !== '' && $msz->hasActiveBan())
|
if($postMode !== '' && $usersCtx->hasActiveBan($currentUser))
|
||||||
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
@ -26,7 +28,7 @@ try {
|
||||||
Template::throwError(404);
|
Template::throwError(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $postInfo->getCategoryId());
|
$perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
|
||||||
|
|
||||||
if(!$perms->check(Perm::F_CATEGORY_VIEW))
|
if(!$perms->check(Perm::F_CATEGORY_VIEW))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
|
@ -7,17 +7,18 @@ use Index\DateTime;
|
||||||
use Misuzu\Forum\ForumTopicInfo;
|
use Misuzu\Forum\ForumTopicInfo;
|
||||||
use Misuzu\Parsers\Parser;
|
use Misuzu\Parsers\Parser;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(401);
|
Template::throwError(401);
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
|
||||||
$currentUserId = $currentUser->getId();
|
|
||||||
if($msz->hasActiveBan())
|
|
||||||
Template::throwError(403);
|
|
||||||
|
|
||||||
$forum = $msz->getForum();
|
$forum = $msz->getForum();
|
||||||
$usersCtx = $msz->getUsersContext();
|
$usersCtx = $msz->getUsersContext();
|
||||||
|
|
||||||
|
$currentUser = $authInfo->getUserInfo();
|
||||||
|
$currentUserId = $currentUser->getId();
|
||||||
|
if($usersCtx->hasActiveBan($currentUser))
|
||||||
|
Template::throwError(403);
|
||||||
|
|
||||||
$userPostsCounts = [];
|
$userPostsCounts = [];
|
||||||
|
|
||||||
$forumPostingModes = [
|
$forumPostingModes = [
|
||||||
|
@ -104,7 +105,7 @@ if(empty($forumId)) {
|
||||||
$hasCategoryInfo = true;
|
$hasCategoryInfo = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $categoryInfo);
|
$perms = $authInfo->getPerms('forum', $categoryInfo);
|
||||||
|
|
||||||
if($categoryInfo->isArchived()
|
if($categoryInfo->isArchived()
|
||||||
|| (isset($topicInfo) && $topicInfo->isLocked() && !$perms->check(Perm::F_TOPIC_LOCK))
|
|| (isset($topicInfo) && $topicInfo->isLocked() && !$perms->check(Perm::F_TOPIC_LOCK))
|
||||||
|
|
|
@ -13,7 +13,8 @@ $categoryId = null;
|
||||||
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
$moderationMode = !empty($_GET['m']) && is_string($_GET['m']) ? (string)$_GET['m'] : '';
|
||||||
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
|
$submissionConfirmed = !empty($_GET['confirm']) && is_string($_GET['confirm']) && $_GET['confirm'] === '1';
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
$currentUserId = $currentUser === null ? '0' : $currentUser->getId();
|
||||||
|
|
||||||
if($topicId < 1 && $postId > 0) {
|
if($topicId < 1 && $postId > 0) {
|
||||||
|
@ -24,7 +25,7 @@ if($topicId < 1 && $postId > 0) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$categoryId = $postInfo->getCategoryId();
|
$categoryId = $postInfo->getCategoryId();
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $postInfo->getCategoryId());
|
$perms = $authInfo->getPerms('forum', $postInfo->getCategoryId());
|
||||||
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
|
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
|
||||||
|
|
||||||
if($postInfo->isDeleted() && !$canDeleteAny)
|
if($postInfo->isDeleted() && !$canDeleteAny)
|
||||||
|
@ -50,10 +51,10 @@ if(!$topicIsNuked) {
|
||||||
|
|
||||||
if($categoryId !== (int)$topicInfo->getCategoryId()) {
|
if($categoryId !== (int)$topicInfo->getCategoryId()) {
|
||||||
$categoryId = (int)$topicInfo->getCategoryId();
|
$categoryId = (int)$topicInfo->getCategoryId();
|
||||||
$perms = $msz->getAuthInfo()->getPerms('forum', $topicInfo->getCategoryId());
|
$perms = $authInfo->getPerms('forum', $topicInfo->getCategoryId());
|
||||||
}
|
}
|
||||||
|
|
||||||
if($msz->hasActiveBan())
|
if($usersCtx->hasActiveBan($currentUser))
|
||||||
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
|
$perms = $perms->apply(fn($calc) => $calc & (Perm::F_CATEGORY_LIST | Perm::F_CATEGORY_VIEW));
|
||||||
|
|
||||||
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
|
$canDeleteAny = $perms->check(Perm::F_POST_DELETE_ANY);
|
||||||
|
@ -106,10 +107,11 @@ if(in_array($moderationMode, $validModerationModes, true)) {
|
||||||
if(!CSRF::validateRequest())
|
if(!CSRF::validateRequest())
|
||||||
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
|
Template::displayInfo("Couldn't verify this request, please refresh the page and try again.", 403);
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $authInfo;
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::displayInfo('You must be logged in to manage posts.', 401);
|
Template::displayInfo('You must be logged in to manage posts.', 401);
|
||||||
|
|
||||||
if($msz->hasActiveBan())
|
if($usersCtx->hasActiveBan($currentUser))
|
||||||
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
Template::displayInfo('You have been banned, check your profile for more information.', 403);
|
||||||
|
|
||||||
switch($moderationMode) {
|
switch($moderationMode) {
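Review bot: `$authInfo = $authInfo;` in the `@ -106,10` hunk is a self-assignment left over from the search-and-replace and should be deleted; `$authInfo` is already set next to `$currentUser` near the top of the file. The two `$usersCtx->hasActiveBan($currentUser)` calls also need `$usersCtx` in scope, and no hunk of this file assigns it, so confirm `$usersCtx = $msz->getUsersContext();` exists above the first hunk. The `switch` that follows continues outside the hunk.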
|
||||||
|
|
|
@ -7,7 +7,8 @@ use Index\DateTime;
|
||||||
use Index\XArray;
|
use Index\XArray;
|
||||||
use Misuzu\Changelog\Changelog;
|
use Misuzu\Changelog\Changelog;
|
||||||
|
|
||||||
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_CL_CHANGES_MANAGE))
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->getPerms('global')->check(Perm::G_CL_CHANGES_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$changeActions = [];
|
$changeActions = [];
|
||||||
|
@ -113,5 +114,5 @@ Template::render('manage.changelog.change', [
|
||||||
'change_info_tags' => $changeTagIds,
|
'change_info_tags' => $changeTagIds,
|
||||||
'change_tags' => $tagInfos,
|
'change_tags' => $tagInfos,
|
||||||
'change_actions' => $changeActions,
|
'change_actions' => $changeActions,
|
||||||
'change_author_id' => $msz->getActiveUser()->getId(),
|
'change_author_id' => $authInfo->getUserInfo(),
|
||||||
]);
|
]);
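Review bot: `'change_author_id' => $authInfo->getUserInfo(),` in the `Template::render` call passes whatever `getUserInfo()` returns, where the line it replaces passed `$msz->getActiveUser()->getId()`, so a template key named for an ID now receives the user object. Elsewhere in this commit `getUserInfo()` is the drop-in for `getActiveUser()` and `->getId()` is still called on the result, so the call was probably lost in the replace. `'change_author_id' => $authInfo->getUserInfo()->getId(),` restores the previous value. The render call begins outside the hunk.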
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_FORUM_TOPIC_REDIRS_MANAGE))
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->getPerms('global')->check(Perm::G_FORUM_TOPIC_REDIRS_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$forum = $msz->getForum();
|
$forum = $msz->getForum();
|
||||||
|
@ -14,7 +15,7 @@ if($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||||
$rTopicURL = trim((string)filter_input(INPUT_POST, 'topic_redir_url'));
|
$rTopicURL = trim((string)filter_input(INPUT_POST, 'topic_redir_url'));
|
||||||
|
|
||||||
$msz->createAuditLog('FORUM_TOPIC_REDIR_CREATE', [$rTopicId]);
|
$msz->createAuditLog('FORUM_TOPIC_REDIR_CREATE', [$rTopicId]);
|
||||||
$forum->createTopicRedirect($rTopicId, $msz->getActiveUser(), $rTopicURL);
|
$forum->createTopicRedirect($rTopicId, $authInfo->getUserInfo(), $rTopicURL);
|
||||||
url_redirect('manage-forum-topic-redirs');
|
url_redirect('manage-forum-topic-redirs');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,8 @@ namespace Misuzu;
|
||||||
|
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
if(!$msz->getAuthInfo()->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE))
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->getPerms('global')->check(Perm::G_NEWS_POSTS_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$news = $msz->getNews();
|
$news = $msz->getNews();
|
||||||
|
@ -37,7 +38,7 @@ while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
||||||
$body = trim((string)filter_input(INPUT_POST, 'np_body'));
|
$body = trim((string)filter_input(INPUT_POST, 'np_body'));
|
||||||
|
|
||||||
if($isNew) {
|
if($isNew) {
|
||||||
$postInfo = $news->createPost($category, $title, $body, $featured, $msz->getActiveUser());
|
$postInfo = $news->createPost($category, $title, $body, $featured, $authInfo->getUserInfo());
|
||||||
} else {
|
} else {
|
||||||
if($category === $postInfo->getCategoryId())
|
if($category === $postInfo->getCategoryId())
|
||||||
$category = null;
|
$category = null;
|
||||||
|
|
|
@ -5,7 +5,8 @@ use DateTimeInterface;
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
use Index\DateTime;
|
use Index\DateTime;
|
||||||
|
|
||||||
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_BANS_MANAGE))
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->getPerms('user')->check(Perm::U_BANS_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$usersCtx = $msz->getUsersContext();
|
$usersCtx = $msz->getUsersContext();
|
||||||
|
@ -33,7 +34,7 @@ try {
|
||||||
Template::throwError(404);
|
Template::throwError(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$modInfo = $msz->getActiveUser();
|
$modInfo = $authInfo->getUserInfo();
|
||||||
|
|
||||||
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
||||||
$expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT);
|
$expires = (int)filter_input(INPUT_POST, 'ub_expires', FILTER_SANITIZE_NUMBER_INT);
|
||||||
|
|
|
@ -3,7 +3,8 @@ namespace Misuzu;
|
||||||
|
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_NOTES_MANAGE))
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->getPerms('user')->check(Perm::U_NOTES_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$hasNoteId = filter_has_var(INPUT_GET, 'n');
|
$hasNoteId = filter_has_var(INPUT_GET, 'n');
|
||||||
|
@ -24,7 +25,7 @@ if($hasUserId) {
|
||||||
Template::throwError(404);
|
Template::throwError(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$authorInfo = $msz->getActiveUser();
|
$authorInfo = $authInfo->getUserInfo();
|
||||||
} elseif($hasNoteId) {
|
} elseif($hasNoteId) {
|
||||||
$isNew = false;
|
$isNew = false;
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,8 @@ use Index\Colour\Colour;
|
||||||
use Index\Colour\ColourRGB;
|
use Index\Colour\ColourRGB;
|
||||||
use Misuzu\Perm;
|
use Misuzu\Perm;
|
||||||
|
|
||||||
$viewerPerms = $msz->getAuthInfo()->getPerms('user');
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$viewerPerms = $authInfo->getPerms('user');
|
||||||
if(!$viewerPerms->check(Perm::U_ROLES_MANAGE))
|
if(!$viewerPerms->check(Perm::U_ROLES_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
|
@ -26,7 +27,7 @@ if(filter_has_var(INPUT_GET, 'r')) {
|
||||||
}
|
}
|
||||||
} else $isNew = true;
|
} else $isNew = true;
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$canEditPerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
|
$canEditPerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
|
||||||
|
|
||||||
$permsInfos = $perms->getPermissionInfo(roleInfo: $roleInfo, categoryNames: Perm::INFO_FOR_ROLE);
|
$permsInfos = $perms->getPermissionInfo(roleInfo: $roleInfo, categoryNames: Perm::INFO_FOR_ROLE);
|
||||||
|
|
|
@ -7,8 +7,9 @@ use Misuzu\Perm;
|
||||||
use Misuzu\Auth\AuthTokenCookie;
|
use Misuzu\Auth\AuthTokenCookie;
|
||||||
use Misuzu\Users\User;
|
use Misuzu\Users\User;
|
||||||
|
|
||||||
$viewerPerms = $msz->getAuthInfo()->getPerms('user');
|
$authInfo = $msz->getAuthInfo();
|
||||||
if(!$msz->isLoggedIn())
|
$viewerPerms = $authInfo->getPerms('user');
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$usersCtx = $msz->getUsersContext();
|
$usersCtx = $msz->getUsersContext();
|
||||||
|
@ -16,7 +17,7 @@ $users = $usersCtx->getUsers();
|
||||||
$roles = $usersCtx->getRoles();
|
$roles = $usersCtx->getRoles();
|
||||||
$perms = $msz->getPerms();
|
$perms = $msz->getPerms();
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$currentUser = $authInfo->getUserInfo();
|
||||||
|
|
||||||
$canManageUsers = $viewerPerms->check(Perm::U_USERS_MANAGE);
|
$canManageUsers = $viewerPerms->check(Perm::U_USERS_MANAGE);
|
||||||
$canManagePerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
|
$canManagePerms = $viewerPerms->check(Perm::U_PERMS_MANAGE);
|
||||||
|
@ -66,7 +67,7 @@ if(CSRF::validateRequest() && $canEdit) {
|
||||||
if($allowToImpersonate) {
|
if($allowToImpersonate) {
|
||||||
$msz->createAuditLog('USER_IMPERSONATE', [$userInfo->getId(), $userInfo->getName()]);
|
$msz->createAuditLog('USER_IMPERSONATE', [$userInfo->getId(), $userInfo->getName()]);
|
||||||
|
|
||||||
$tokenBuilder = $msz->getAuthInfo()->getTokenInfo()->toBuilder();
|
$tokenBuilder = $authInfo->getTokenInfo()->toBuilder();
|
||||||
$tokenBuilder->setImpersonatedUserId($userInfo->getId());
|
$tokenBuilder->setImpersonatedUserId($userInfo->getId());
|
||||||
$tokenInfo = $tokenBuilder->toInfo();
|
$tokenInfo = $tokenBuilder->toInfo();
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,8 @@ namespace Misuzu;
|
||||||
|
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
if(!$msz->getAuthInfo()->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->getPerms('user')->check(Perm::U_WARNINGS_MANAGE))
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$usersCtx = $msz->getUsersContext();
|
$usersCtx = $msz->getUsersContext();
|
||||||
|
@ -32,7 +33,7 @@ try {
|
||||||
Template::throwError(404);
|
Template::throwError(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$modInfo = $msz->getActiveUser();
|
$modInfo = $authInfo->getUserInfo();
|
||||||
|
|
||||||
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
||||||
$body = trim((string)filter_input(INPUT_POST, 'uw_body'));
|
$body = trim((string)filter_input(INPUT_POST, 'uw_body'));
|
||||||
|
|
|
@ -3,7 +3,8 @@ namespace Misuzu;
|
||||||
|
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
// TODO: restore forum-topics and forum-posts orderings
|
// TODO: restore forum-topics and forum-posts orderings
|
||||||
|
@ -74,7 +75,7 @@ if($roleId === null) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$canManageUsers = $msz->getAuthInfo()->getPerms('user')->check(Perm::U_USERS_MANAGE);
|
$canManageUsers = $authInfo->getPerms('user')->check(Perm::U_USERS_MANAGE);
|
||||||
$deleted = $canManageUsers ? null : false;
|
$deleted = $canManageUsers ? null : false;
|
||||||
|
|
||||||
$rolesAll = $roles->getRoles(hidden: false);
|
$rolesAll = $roles->getRoles(hidden: false);
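Review bot: An unauthenticated visitor gets `Template::throwError(403)` from the `if(!$authInfo->isLoggedIn())` guard at the top of this file, while the settings pages touched by the same commit answer the identical condition with 401. The search page section has the same 403. Using one status for "not logged in" keeps client handling and log-based monitoring consistent, and leaves 403 for real permission failures such as the `U_WARNINGS_MANAGE` check. I would change the line to `Template::throwError(401);` here and in the search page, unless the 403 is a deliberate choice for these member-only pages.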
|
||||||
|
|
|
@ -19,7 +19,8 @@ $usersCtx = $msz->getUsersContext();
|
||||||
$users = $usersCtx->getUsers();
|
$users = $usersCtx->getUsers();
|
||||||
$forum = $msz->getForum();
|
$forum = $msz->getForum();
|
||||||
|
|
||||||
$viewerInfo = $msz->getActiveUser();
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$viewerInfo = $authInfo->getUserInfo();
|
||||||
$viewingAsGuest = $viewerInfo === null;
|
$viewingAsGuest = $viewerInfo === null;
|
||||||
$viewerId = $viewingAsGuest ? '0' : $viewerInfo->getId();
|
$viewerId = $viewingAsGuest ? '0' : $viewerInfo->getId();
|
||||||
|
|
||||||
|
@ -66,9 +67,9 @@ $notices = [];
|
||||||
$userRank = $usersCtx->getUserRank($userInfo);
|
$userRank = $usersCtx->getUserRank($userInfo);
|
||||||
$viewerRank = $usersCtx->getUserRank($viewerInfo);
|
$viewerRank = $usersCtx->getUserRank($viewerInfo);
|
||||||
|
|
||||||
$viewerPerms = $msz->getAuthInfo()->getPerms('user');
|
$viewerPerms = $authInfo->getPerms('user');
|
||||||
|
|
||||||
$activeBanInfo = $msz->tryGetActiveBan($userInfo);
|
$activeBanInfo = $usersCtx->tryGetActiveBan($userInfo);
|
||||||
$isBanned = $activeBanInfo !== null;
|
$isBanned = $activeBanInfo !== null;
|
||||||
$profileFields = $msz->getProfileFields();
|
$profileFields = $msz->getProfileFields();
|
||||||
$viewingOwnProfile = (string)$viewerId === $userInfo->getId();
|
$viewingOwnProfile = (string)$viewerId === $userInfo->getId();
|
||||||
|
|
|
@ -6,7 +6,8 @@ use RuntimeException;
|
||||||
use Index\XArray;
|
use Index\XArray;
|
||||||
use Misuzu\Comments\CommentsCategory;
|
use Misuzu\Comments\CommentsCategory;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(403);
|
Template::throwError(403);
|
||||||
|
|
||||||
$searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : '';
|
$searchQuery = !empty($_GET['q']) && is_string($_GET['q']) ? $_GET['q'] : '';
|
||||||
|
@ -74,12 +75,12 @@ if(!empty($searchQuery)) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if(empty($searchQueryEvaluated['type']) || str_starts_with($searchQueryEvaluated['type'], 'forum')) {
|
if(empty($searchQueryEvaluated['type']) || str_starts_with($searchQueryEvaluated['type'], 'forum')) {
|
||||||
$currentUser = $msz->getActiveUser();
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$currentUserId = $currentUser === null ? 0 : (int)$currentUser->getId();
|
$currentUserId = $currentUser === null ? 0 : (int)$currentUser->getId();
|
||||||
|
|
||||||
$forumCategoryIds = XArray::where(
|
$forumCategoryIds = XArray::where(
|
||||||
$forum->getCategories(hidden: false),
|
$forum->getCategories(hidden: false),
|
||||||
fn($categoryInfo) => $categoryInfo->mayHaveTopics() && $msz->getAuthInfo()->getPerms('forum', $categoryInfo)->check(Perm::F_CATEGORY_VIEW)
|
fn($categoryInfo) => $categoryInfo->mayHaveTopics() && $authInfo->getPerms('forum', $categoryInfo)->check(Perm::F_CATEGORY_VIEW)
|
||||||
);
|
);
|
||||||
|
|
||||||
$forumTopicInfos = $forum->getTopics(categoryInfo: $forumCategoryIds, deleted: false, searchQuery: $searchQueryEvaluated);
|
$forumTopicInfos = $forum->getTopics(categoryInfo: $forumCategoryIds, deleted: false, searchQuery: $searchQueryEvaluated);
|
||||||
|
|
|
@ -6,15 +6,16 @@ use Misuzu\Users\User;
|
||||||
use chillerlan\QRCode\QRCode;
|
use chillerlan\QRCode\QRCode;
|
||||||
use chillerlan\QRCode\QROptions;
|
use chillerlan\QRCode\QROptions;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(401);
|
Template::throwError(401);
|
||||||
|
|
||||||
$errors = [];
|
$errors = [];
|
||||||
$usersCtx = $msz->getUsersContext();
|
$usersCtx = $msz->getUsersContext();
|
||||||
$users = $usersCtx->getUsers();
|
$users = $usersCtx->getUsers();
|
||||||
$roles = $usersCtx->getRoles();
|
$roles = $usersCtx->getRoles();
|
||||||
$userInfo = $msz->getActiveUser();
|
$userInfo = $authInfo->getUserInfo();
|
||||||
$isRestricted = $msz->hasActiveBan();
|
$isRestricted = $usersCtx->hasActiveBan($userInfo);
|
||||||
$isVerifiedRequest = CSRF::validateRequest();
|
$isVerifiedRequest = CSRF::validateRequest();
|
||||||
|
|
||||||
if(!$isRestricted && $isVerifiedRequest && !empty($_POST['role'])) {
|
if(!$isRestricted && $isVerifiedRequest && !empty($_POST['role'])) {
|
||||||
|
|
|
@ -6,7 +6,8 @@ use Index\XString;
|
||||||
use Index\IO\FileStream;
|
use Index\IO\FileStream;
|
||||||
use Misuzu\Users\UserInfo;
|
use Misuzu\Users\UserInfo;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(401);
|
Template::throwError(401);
|
||||||
|
|
||||||
$dbConn = $msz->getDbConn();
|
$dbConn = $msz->getDbConn();
|
||||||
|
@ -98,7 +99,7 @@ function db_to_zip(ZipArchive $archive, UserInfo $userInfo, string $baseName, ar
|
||||||
}
|
}
|
||||||
|
|
||||||
$errors = [];
|
$errors = [];
|
||||||
$userInfo = $msz->getActiveUser();
|
$userInfo = $authInfo->getUserInfo();
|
||||||
|
|
||||||
if(isset($_POST['action']) && is_string($_POST['action'])) {
|
if(isset($_POST['action']) && is_string($_POST['action'])) {
|
||||||
if(isset($_POST['password']) && is_string($_POST['password'])
|
if(isset($_POST['password']) && is_string($_POST['password'])
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu;
|
namespace Misuzu;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(401);
|
Template::throwError(401);
|
||||||
|
|
||||||
url_redirect('settings-account');
|
url_redirect('settings-account');
|
||||||
|
|
|
@ -3,7 +3,8 @@ namespace Misuzu;
|
||||||
|
|
||||||
use Misuzu\Pagination;
|
use Misuzu\Pagination;
|
||||||
|
|
||||||
$currentUser = $msz->getActiveUser();
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$currentUser = $authInfo->getUserInfo();
|
||||||
if($currentUser === null)
|
if($currentUser === null)
|
||||||
Template::throwError(401);
|
Template::throwError(401);
|
||||||
|
|
||||||
|
|
|
@ -3,13 +3,14 @@ namespace Misuzu;
|
||||||
|
|
||||||
use RuntimeException;
|
use RuntimeException;
|
||||||
|
|
||||||
if(!$msz->isLoggedIn())
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
if(!$authInfo->isLoggedIn())
|
||||||
Template::throwError(401);
|
Template::throwError(401);
|
||||||
|
|
||||||
$errors = [];
|
$errors = [];
|
||||||
$sessions = $msz->getSessions();
|
$sessions = $msz->getSessions();
|
||||||
$currentUser = $msz->getActiveUser();
|
$currentUser = $authInfo->getUserInfo();
|
||||||
$activeSessionId = $msz->getAuthInfo()->getSessionId();
|
$activeSessionId = $authInfo->getSessionId();
|
||||||
|
|
||||||
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) {
|
||||||
$sessionId = (string)filter_input(INPUT_POST, 'session');
|
$sessionId = (string)filter_input(INPUT_POST, 'session');
|
||||||
|
|
|
@ -117,11 +117,12 @@ if($tokenInfo->hasUserId() && $tokenInfo->hasSessionToken()) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$msz->getAuthInfo()->setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal);
|
$authInfo = $msz->getAuthInfo();
|
||||||
|
$authInfo->setInfo($tokenInfo, $userInfo, $sessionInfo, $userInfoReal);
|
||||||
|
|
||||||
CSRF::init(
|
CSRF::init(
|
||||||
$cfg->getString('csrf.secret', 'soup'),
|
$cfg->getString('csrf.secret', 'soup'),
|
||||||
($msz->isLoggedIn() ? $sessionInfo->getToken() : $_SERVER['REMOTE_ADDR'])
|
($authInfo->isLoggedIn() ? $sessionInfo->getToken() : $_SERVER['REMOTE_ADDR'])
|
||||||
);
|
);
|
||||||
|
|
||||||
$msz->startTemplating();
|
$msz->startTemplating();
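Review bot: The fallback in `$cfg->getString('csrf.secret', 'soup')` means an installation without `csrf.secret` configured initialises CSRF with a constant that is public in the repository. How `CSRF::init()` uses the value is not visible here, but if it keys the tokens, they then depend only on the second argument. For guests that argument is `$_SERVER['REMOTE_ADDR']`, which is shared by everyone behind the same NAT or reverse proxy. I would fail closed instead: `$csrfSecret = $cfg->getString('csrf.secret', '');` followed by `if($csrfSecret === '') throw new \RuntimeException('csrf.secret is not configured');`. The line is unchanged context in this refactor, so a follow-up commit would be a reasonable place for it.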
|
||||||
|
|
|
@ -183,32 +183,9 @@ class MisuzuContext {
|
||||||
return $this->authInfo;
|
return $this->authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
// isLoggedIn and getActiveUser are proxied for convenience, supply authInfo to things in the future
|
|
||||||
public function isLoggedIn(): bool {
|
|
||||||
return $this->authInfo->isLoggedIn();
|
|
||||||
}
|
|
||||||
|
|
||||||
public function getActiveUser(): ?UserInfo {
|
|
||||||
return $this->authInfo->getUserInfo();
|
|
||||||
}
|
|
||||||
|
|
||||||
public function tryGetActiveBan(UserInfo|string|null $userInfo = null): ?BanInfo {
|
|
||||||
if($userInfo === null) {
|
|
||||||
if($this->isLoggedIn())
|
|
||||||
$userInfo = $this->getActiveUser();
|
|
||||||
else return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->usersCtx->tryGetActiveBan($userInfo);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function hasActiveBan(UserInfo|string|null $userInfo = null): bool {
|
|
||||||
return $this->tryGetActiveBan($userInfo) !== null;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function createAuditLog(string $action, array $params = [], UserInfo|string|null $userInfo = null): void {
|
public function createAuditLog(string $action, array $params = [], UserInfo|string|null $userInfo = null): void {
|
||||||
if($userInfo === null && $this->isLoggedIn())
|
if($userInfo === null && $this->authInfo->isLoggedIn())
|
||||||
$userInfo = $this->getActiveUser();
|
$userInfo = $this->authInfo->getUserInfo();
|
||||||
|
|
||||||
$this->auditLog->createLog(
|
$this->auditLog->createLog(
|
||||||
$userInfo,
|
$userInfo,
|
||||||
|
@ -221,8 +198,9 @@ class MisuzuContext {
|
||||||
|
|
||||||
private ?bool $hasManageAccess = null;
|
private ?bool $hasManageAccess = null;
|
||||||
public function hasManageAccess(): bool {
|
public function hasManageAccess(): bool {
|
||||||
$this->hasManageAccess ??= $this->authInfo->isLoggedIn() && !$this->hasActiveBan()
|
$this->hasManageAccess ??= $this->authInfo->isLoggedIn()
|
||||||
&& $this->getAuthInfo()->getPerms('global')->check(Perm::G_IS_JANITOR);
|
&& !$this->usersCtx->hasActiveBan($this->authInfo->getUserInfo())
|
||||||
|
&& $this->authInfo->getPerms('global')->check(Perm::G_IS_JANITOR);
|
||||||
return $this->hasManageAccess;
|
return $this->hasManageAccess;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -245,12 +223,11 @@ class MisuzuContext {
|
||||||
['eeprom.app:s', '', 'eeprom_app'],
|
['eeprom.app:s', '', 'eeprom_app'],
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$authInfo = $this->getAuthInfo();
|
|
||||||
$globals['assets'] = $this->getWebAssetInfo();
|
$globals['assets'] = $this->getWebAssetInfo();
|
||||||
$globals['auth_info'] = $authInfo;
|
$globals['auth_info'] = $this->authInfo;
|
||||||
$globals['active_ban_info'] = $this->tryGetActiveBan();
|
$globals['active_ban_info'] = $this->usersCtx->tryGetActiveBan($this->authInfo->getUserInfo());
|
||||||
$globals['display_timings_info'] = MSZ_DEBUG
|
$globals['display_timings_info'] = MSZ_DEBUG
|
||||||
|| $authInfo->getPerms('global')->check(Perm::G_TIMINGS_VIEW);
|
|| $this->authInfo->getPerms('global')->check(Perm::G_TIMINGS_VIEW);
|
||||||
|
|
||||||
$templating = new SasaeEnvironment(
|
$templating = new SasaeEnvironment(
|
||||||
MSZ_TEMPLATES,
|
MSZ_TEMPLATES,
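Review bot: The new `$globals['active_ban_info'] = $this->usersCtx->tryGetActiveBan($this->authInfo->getUserInfo());` passes `null` for every guest request, because the removed `MisuzuContext::tryGetActiveBan()` was what returned `null` early when nobody was logged in. Whether `UsersContext::tryGetActiveBan()` treats `null` as "no ban" is not visible on this page; the only line shown from it is `return $this->activeBans[$userInfo];`. If it does not, guests would hit an error or a lookup for an empty user on every templated page. Keeping the guard at the call site avoids depending on that: `$userInfo = $this->authInfo->getUserInfo();` then `$globals['active_ban_info'] = $userInfo === null ? null : $this->usersCtx->tryGetActiveBan($userInfo);`. `hasManageAccess()` is already safe because `isLoggedIn()` short-circuits first. The enclosing method starts and ends outside the hunk.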
|
||||||
|
|
|
@ -129,6 +129,7 @@ final class MisuzuSasaeExtension extends AbstractExtension {
|
||||||
public function getUserMenu(bool $inBroomCloset, string $manageUrl = ''): array {
|
public function getUserMenu(bool $inBroomCloset, string $manageUrl = ''): array {
|
||||||
$menu = [];
|
$menu = [];
|
||||||
$authInfo = $this->ctx->getAuthInfo();
|
$authInfo = $this->ctx->getAuthInfo();
|
||||||
|
$usersCtx = $this->ctx->getUsersContext();
|
||||||
|
|
||||||
if($authInfo->isLoggedIn()) {
|
if($authInfo->isLoggedIn()) {
|
||||||
$userInfo = $authInfo->getUserInfo();
|
$userInfo = $authInfo->getUserInfo();
|
||||||
|
@ -149,7 +150,7 @@ final class MisuzuSasaeExtension extends AbstractExtension {
|
||||||
'icon' => 'fas fa-search fa-fw',
|
'icon' => 'fas fa-search fa-fw',
|
||||||
];
|
];
|
||||||
|
|
||||||
if(!$this->ctx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)) {
|
if(!$usersCtx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)) {
|
||||||
// restore behaviour where clicking this button switches between
|
// restore behaviour where clicking this button switches between
|
||||||
// site version and broom version
|
// site version and broom version
|
||||||
if($inBroomCloset)
|
if($inBroomCloset)
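Review bot: The condition `!$usersCtx->hasActiveBan($userInfo) && $authInfo->getPerms('global')->check(Perm::G_IS_JANITOR)` spells out the same predicate that `hasManageAccess()` computes in the MisuzuContext hunk of this commit. With the authorisation rule in two places, a later change to one (for example a ban severity threshold) can leave the menu and the real access check disagreeing. Assuming `$this->ctx` is the MisuzuContext instance, which its `getAuthInfo()` and `getUsersContext()` calls suggest, I would write `if($this->ctx->hasManageAccess()) {` and drop the new `$usersCtx` local. `getUserMenu()` continues outside both hunks, so other uses of `$usersCtx` may exist that are not visible here.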
|
||||||
|
|
|
@ -317,7 +317,7 @@ final class SharpChatRoutes implements IRouteHandler {
|
||||||
$userId = '';
|
$userId = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
$banInfo = $this->usersCtx->getBans()->tryGetActiveBan($userId);
|
$banInfo = $this->usersCtx->tryGetActiveBan($userId);
|
||||||
if($banInfo === null)
|
if($banInfo === null)
|
||||||
return ['is_ban' => false];
|
return ['is_ban' => false];
|
||||||
|
|
||||||
|
@ -421,7 +421,7 @@ final class SharpChatRoutes implements IRouteHandler {
|
||||||
if($type !== 'user')
|
if($type !== 'user')
|
||||||
return 404;
|
return 404;
|
||||||
|
|
||||||
$banInfo = $this->usersCtx->getBans()->tryGetActiveBan($subject);
|
$banInfo = $this->usersCtx->tryGetActiveBan($subject);
|
||||||
if($banInfo === null)
|
if($banInfo === null)
|
||||||
return 404;
|
return 404;
|
||||||
|
|
||||||
|
|
|
@ -94,7 +94,10 @@ class UsersContext {
|
||||||
return $this->activeBans[$userInfo];
|
return $this->activeBans[$userInfo];
|
||||||
}
|
}
|
||||||
|
|
||||||
public function hasActiveBan(UserInfo|string|null $userInfo = null): bool {
|
public function hasActiveBan(
|
||||||
return $this->tryGetActiveBan($userInfo) !== null;
|
UserInfo|string|null $userInfo = null,
|
||||||
|
int $minimumSeverity = Bans::SEVERITY_MIN
|
||||||
|
): bool {
|
||||||
|
return $this->tryGetActiveBan($userInfo, $minimumSeverity) !== null;
|
||||||
}
|
}
|
||||||
}
|
}
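Review bot: `hasActiveBan()` now forwards `$minimumSeverity` to `tryGetActiveBan()`, whose only visible line, `return $this->activeBans[$userInfo];`, suggests the result is memoised per user. If that cache key does not include the severity, a call with a higher threshold could get back a ban cached for a lower one, or a cached `null` could hide a ban for a later call with a lower threshold. Ban checks gate management access elsewhere in this commit, so this is worth confirming. The body of `tryGetActiveBan()` is outside the hunk; if the cache is keyed by user only, I would key it on both values and note it with `// activeBans is keyed by user and minimum severity`. A short docblock on `hasActiveBan()` stating what `$minimumSeverity` filters would also help callers that rely on the default.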
|
||||||
|
|