Move "submanage" Session value into own methods
This commit is contained in:
parent
cafb23f8f0
commit
44a9683008
8 changed files with 37 additions and 11 deletions
|
@ -32,7 +32,7 @@ function removeme_post(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($_SESSION['submanage'])) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,7 @@ function settings_post(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($_SESSION['submanage'])) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -152,7 +152,7 @@ function settings_content(App $a)
|
||||||
return Login::form();
|
return Login::form();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($_SESSION['submanage'])) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.'));
|
DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.'));
|
||||||
return '';
|
return '';
|
||||||
}
|
}
|
||||||
|
|
|
@ -287,7 +287,7 @@ class Nav
|
||||||
$nav['messages']['outbox'] = ['message/sent', DI::l10n()->t('Outbox'), '', DI::l10n()->t('Outbox')];
|
$nav['messages']['outbox'] = ['message/sent', DI::l10n()->t('Outbox'), '', DI::l10n()->t('Outbox')];
|
||||||
$nav['messages']['new'] = ['message/new', DI::l10n()->t('New Message'), '', DI::l10n()->t('New Message')];
|
$nav['messages']['new'] = ['message/new', DI::l10n()->t('New Message'), '', DI::l10n()->t('New Message')];
|
||||||
|
|
||||||
if (User::hasIdentities(DI::session()->get('submanage') ?: DI::userSession()->getLocalUserId())) {
|
if (User::hasIdentities(DI::userSession()->getSubManagedUserId() ?: DI::userSession()->getLocalUserId())) {
|
||||||
$nav['delegation'] = ['delegation', DI::l10n()->t('Accounts'), '', DI::l10n()->t('Manage other pages')];
|
$nav['delegation'] = ['delegation', DI::l10n()->t('Accounts'), '', DI::l10n()->t('Manage other pages')];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -72,6 +72,20 @@ interface IHandleUserSessions
|
||||||
*/
|
*/
|
||||||
public function isAuthenticated(): bool;
|
public function isAuthenticated(): bool;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns User ID of the managed user in case it's a different identity
|
||||||
|
*
|
||||||
|
* @return int|bool uid of the manager or false
|
||||||
|
*/
|
||||||
|
public function getSubManagedUserId();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the User ID of the managed user in case it's a different identity
|
||||||
|
*
|
||||||
|
* @param int $managed_uid The user id of the managing user
|
||||||
|
*/
|
||||||
|
public function setSubManagedUserId(int $managed_uid): void;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the session variable that contains the contact IDs for the visitor's contact URL
|
* Set the session variable that contains the contact IDs for the visitor's contact URL
|
||||||
*
|
*
|
||||||
|
|
|
@ -118,4 +118,16 @@ class UserSession implements IHandleUserSessions
|
||||||
{
|
{
|
||||||
$this->session->set('remote', Contact::getVisitorByUrl($this->session->get('my_url')));
|
$this->session->set('remote', Contact::getVisitorByUrl($this->session->get('my_url')));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** {@inheritDoc} */
|
||||||
|
public function getSubManagedUserId()
|
||||||
|
{
|
||||||
|
return $this->session->get('submanage') ?? false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** {@inheritDoc} */
|
||||||
|
public function setSubManagedUserId(int $managed_uid): void
|
||||||
|
{
|
||||||
|
$this->session->set('submanage', $managed_uid);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -63,7 +63,7 @@ abstract class BaseAdmin extends BaseModule
|
||||||
throw new HTTPException\ForbiddenException(DI::l10n()->t('You don\'t have access to administration pages.'));
|
throw new HTTPException\ForbiddenException(DI::l10n()->t('You don\'t have access to administration pages.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($_SESSION['submanage'])) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
throw new HTTPException\ForbiddenException(DI::l10n()->t('Submanaged account can\'t access the administration pages. Please log back in as the main account.'));
|
throw new HTTPException\ForbiddenException(DI::l10n()->t('Submanaged account can\'t access the administration pages. Please log back in as the main account.'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,8 +45,8 @@ class Delegation extends BaseModule
|
||||||
$uid = DI::userSession()->getLocalUserId();
|
$uid = DI::userSession()->getLocalUserId();
|
||||||
$orig_record = User::getById(DI::app()->getLoggedInUserId());
|
$orig_record = User::getById(DI::app()->getLoggedInUserId());
|
||||||
|
|
||||||
if (DI::session()->get('submanage')) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
$user = User::getById(DI::session()->get('submanage'));
|
$user = User::getById(DI::userSession()->getSubManagedUserId());
|
||||||
if (DBA::isResult($user)) {
|
if (DBA::isResult($user)) {
|
||||||
$uid = intval($user['uid']);
|
$uid = intval($user['uid']);
|
||||||
$orig_record = $user;
|
$orig_record = $user;
|
||||||
|
@ -101,7 +101,7 @@ class Delegation extends BaseModule
|
||||||
DI::auth()->setForUser(DI::app(), $user, true, true);
|
DI::auth()->setForUser(DI::app(), $user, true, true);
|
||||||
|
|
||||||
if ($limited_id) {
|
if ($limited_id) {
|
||||||
DI::session()->set('submanage', $original_id);
|
DI::userSession()->setSubManagedUserId($original_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
$ret = [];
|
$ret = [];
|
||||||
|
@ -118,7 +118,7 @@ class Delegation extends BaseModule
|
||||||
throw new ForbiddenException(DI::l10n()->t('Permission denied.'));
|
throw new ForbiddenException(DI::l10n()->t('Permission denied.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$identities = User::identities(DI::session()->get('submanage', DI::userSession()->getLocalUserId()));
|
$identities = User::identities(DI::userSession()->getSubManagedUserId() ?: DI::userSession()->getLocalUserId());
|
||||||
|
|
||||||
//getting additinal information for each identity
|
//getting additinal information for each identity
|
||||||
foreach ($identities as $key => $identity) {
|
foreach ($identities as $key => $identity) {
|
||||||
|
|
|
@ -76,7 +76,7 @@ class Delegation extends BaseSettings
|
||||||
$user_id = $args->get(3);
|
$user_id = $args->get(3);
|
||||||
|
|
||||||
if ($action === 'add' && $user_id) {
|
if ($action === 'add' && $user_id) {
|
||||||
if (DI::session()->get('submanage')) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
|
DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
|
||||||
DI::baseUrl()->redirect('settings/delegation');
|
DI::baseUrl()->redirect('settings/delegation');
|
||||||
}
|
}
|
||||||
|
@ -98,7 +98,7 @@ class Delegation extends BaseSettings
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($action === 'remove' && $user_id) {
|
if ($action === 'remove' && $user_id) {
|
||||||
if (DI::session()->get('submanage')) {
|
if (DI::userSession()->getSubManagedUserId()) {
|
||||||
DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
|
DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
|
||||||
DI::baseUrl()->redirect('settings/delegation');
|
DI::baseUrl()->redirect('settings/delegation');
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue