2017-08-04 16:28:16 +02:00
|
|
|
<?php
|
2020-09-07 15:04:06 +02:00
|
|
|
/*
|
|
|
|
* OpenSTAManager: il software gestionale open source per l'assistenza tecnica e la fatturazione
|
2021-01-20 15:08:51 +01:00
|
|
|
* Copyright (C) DevCode s.r.l.
|
2020-09-07 15:04:06 +02:00
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*/
|
2017-08-04 16:28:16 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Classe per gestire i permessi di accesso alle diverse sezioni del progetto.
|
|
|
|
*
|
|
|
|
* @since 2.3
|
|
|
|
*/
|
|
|
|
class Permissions
|
|
|
|
{
|
2017-08-31 11:32:49 +02:00
|
|
|
/** @var array Elenco dei permessi necessari */
|
2017-08-04 16:28:16 +02:00
|
|
|
protected static $permissions = [];
|
2017-08-31 11:32:49 +02:00
|
|
|
/** @var bool Condizione riguardante il controllo effettivo dei permessi */
|
2017-08-04 16:28:16 +02:00
|
|
|
protected static $skip_permissions = false;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Aggiunge un modulo di cui eseguire il controllo dei permessi.
|
|
|
|
*
|
|
|
|
* @param string $id
|
|
|
|
*/
|
|
|
|
public static function addModule($module)
|
|
|
|
{
|
2017-09-22 15:19:59 +02:00
|
|
|
$id = Modules::get($module)['id'];
|
2017-09-19 16:20:44 +02:00
|
|
|
if (!in_array($id, self::$permissions)) {
|
2017-08-04 16:28:16 +02:00
|
|
|
self::$permissions[] = $id;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Ignora il controllo dei permessi per la pagina corrente.
|
|
|
|
*/
|
|
|
|
public static function skip()
|
|
|
|
{
|
|
|
|
self::$skip_permissions = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Riabilita il controllo dei permessi per la pagina corrente.
|
|
|
|
*/
|
|
|
|
public static function execute()
|
|
|
|
{
|
|
|
|
self::$skip_permissions = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Restituisce la variabile per cui si effettua o meno il controllo dei permessi per la pagina corrente.
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public static function getSkip()
|
|
|
|
{
|
|
|
|
return self::$skip_permissions;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Esegue il controllo dei permessi.
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
2017-09-21 15:51:39 +02:00
|
|
|
public static function check($permissions = [], $die = true)
|
2017-08-04 16:28:16 +02:00
|
|
|
{
|
|
|
|
if (empty($permissions)) {
|
|
|
|
$permissions = ['r', 'rw'];
|
|
|
|
} elseif (!is_array($permissions)) {
|
|
|
|
$permissions = [$permissions];
|
|
|
|
}
|
|
|
|
|
|
|
|
$result = true;
|
|
|
|
|
|
|
|
if (!self::getSkip()) {
|
2020-09-23 17:53:19 +02:00
|
|
|
if (!Auth::check() && getURLPath() == slashes(base_path().'/index.php')) {
|
|
|
|
redirect(base_path().'/index.php');
|
2017-08-04 16:28:16 +02:00
|
|
|
$result = false;
|
2019-01-03 11:04:28 +01:00
|
|
|
exit();
|
2017-08-04 16:28:16 +02:00
|
|
|
} else {
|
|
|
|
if (!empty(self::$permissions)) {
|
|
|
|
foreach (self::$permissions as $module) {
|
|
|
|
if (!in_array(Modules::getPermission($module), $permissions)) {
|
|
|
|
$result = false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-09-21 15:51:39 +02:00
|
|
|
if (!$result && $die) {
|
2017-09-04 12:02:29 +02:00
|
|
|
die(tr('Accesso negato'));
|
2017-08-04 16:28:16 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
}
|