ordersprinter/webapp/php/utilities/permissions.php

<?php

class Permissions {
	
	
	public static function checkRights($command,$rights) {
		if (session_id() == '') {
			session_start();
		}
		if (!array_key_exists($command, $rights)) {
			echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_FOUND, "msg" => ERROR_COMMAND_NOT_FOUND_MSG));
			return false;
		}
		$cmdRights = $rights[$command];
		if ($cmdRights["loggedin"] == 1) {
			if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
				return false;
			}
		}
		if ($cmdRights["isadmin"] == 1) {
			if (!isset($_SESSION['angemeldet']) || !$_SESSION['angemeldet']) {
				echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
				return false;
			} else {
				if ($_SESSION['is_admin'] == false) {
					echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_ADMIN, "msg" => ERROR_COMMAND_NOT_ADMIN_MSG));
					return false;
				}
			}
		}
		if (!is_null($cmdRights["rights"])) {
			foreach ($cmdRights["rights"] as $aRight) {
				if ($aRight == 'timetracking') {
					if (($_SESSION['is_admin']) || ($_SESSION['right_timetracking'])) {
						return true;
					}
				} else if ($aRight == 'timemanager') {
					if ($_SESSION['right_timemanager']) {
						return true;
					}
				} else if ($aRight == 'tasks') {
					if (($_SESSION['is_admin']) || ($_SESSION['right_tasks'])) {
						return true;
					}
				} else if ($aRight == 'tasksmanagement') {
					if ($_SESSION['right_tasksmanagement']) {
						return true;
					}
				}
			}
			echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));
			return false;
		}
		return true;
	}
}
OrderSprinter 1.5.2 2020-11-19 23:11:33 +01:00			`<?php`

			`class Permissions {`


			`public static function checkRights($command,$rights) {`
			`if (session_id() == '') {`
			`session_start();`
			`}`
			`if (!array_key_exists($command, $rights)) {`
			`echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_FOUND, "msg" => ERROR_COMMAND_NOT_FOUND_MSG));`
			`return false;`
			`}`
			`$cmdRights = $rights[$command];`
			`if ($cmdRights["loggedin"] == 1) {`
			`if (!isset($_SESSION['angemeldet']) \|\| !$_SESSION['angemeldet']) {`
			`echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));`
			`return false;`
			`}`
			`}`
			`if ($cmdRights["isadmin"] == 1) {`
			`if (!isset($_SESSION['angemeldet']) \|\| !$_SESSION['angemeldet']) {`
			`echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));`
			`return false;`
			`} else {`
			`if ($_SESSION['is_admin'] == false) {`
			`echo json_encode(array("status" => "ERROR", "code" => ERROR_COMMAND_NOT_ADMIN, "msg" => ERROR_COMMAND_NOT_ADMIN_MSG));`
			`return false;`
			`}`
			`}`
			`}`
			`if (!is_null($cmdRights["rights"])) {`
			`foreach ($cmdRights["rights"] as $aRight) {`
			`if ($aRight == 'timetracking') {`
			`if (($_SESSION['is_admin']) \|\| ($_SESSION['right_timetracking'])) {`
			`return true;`
			`}`
			`} else if ($aRight == 'timemanager') {`
			`if ($_SESSION['right_timemanager']) {`
			`return true;`
			`}`
			`} else if ($aRight == 'tasks') {`
			`if (($_SESSION['is_admin']) \|\| ($_SESSION['right_tasks'])) {`
			`return true;`
			`}`
			`} else if ($aRight == 'tasksmanagement') {`
			`if ($_SESSION['right_tasksmanagement']) {`
			`return true;`
			`}`
			`}`
			`}`
			`echo json_encode(array("status" => "ERROR", "code" => ERROR_NOT_AUTHOTRIZED, "msg" => ERROR_NOT_AUTHOTRIZED_MSG));`
			`return false;`
			`}`
			`return true;`
			`}`
			`}`