<?php
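class Permissions {

    /**
     * Decides whether the current session may run $command.
     *
     * The rule for a command is looked up in $rights and evaluated in this
     * order: unknown command -> ERROR_COMMAND_NOT_FOUND; command requires a
     * login ("loggedin" or "isadmin" set to 1) but the session is not marked
     * as logged in -> ERROR_NOT_AUTHOTRIZED; command requires admin but the
     * session is not an admin -> ERROR_COMMAND_NOT_ADMIN; command lists
     * named "rights" but the session holds none of them -> ERROR_NOT_AUTHOTRIZED.
     * Every denial echoes a JSON error object and returns false; success
     * prints nothing and returns true. Callers must stop processing the
     * command when false is returned - this method does not exit.
     *
     * Note that the named-rights check is evaluated independently of the
     * "loggedin" flag: a rule with "loggedin" => 0 and a non-null "rights"
     * list is still only granted to sessions that carry one of the listed
     * flags. Session flags are read with isset semantics, so a missing flag
     * is treated as "not granted" instead of raising undefined-index warnings.
     *
     * @param string $command Command name the client asked for.
     * @param array  $rights  Per-command rules: command => [
     *                        "loggedin" => 0|1, "isadmin" => 0|1,
     *                        "rights" => list<string>|null ].
     * @return bool true when the session is allowed to run $command.
     */
    public static function checkRights($command, $rights): bool {
        if (session_id() == '') {
            session_start();
        }

        if (!array_key_exists($command, $rights)) {
            return self::deny(ERROR_COMMAND_NOT_FOUND, ERROR_COMMAND_NOT_FOUND_MSG);
        }

        $cmdRights = $rights[$command];
        $requiresLogin = self::ruleFlag($cmdRights, 'loggedin');
        $requiresAdmin = self::ruleFlag($cmdRights, 'isadmin');

        // Both "loggedin" and "isadmin" commands need an authenticated session first.
        if (($requiresLogin || $requiresAdmin) && !self::sessionFlag('angemeldet')) {
            return self::deny(ERROR_NOT_AUTHOTRIZED, ERROR_NOT_AUTHOTRIZED_MSG);
        }

        if ($requiresAdmin && !self::sessionFlag('is_admin')) {
            return self::deny(ERROR_COMMAND_NOT_ADMIN, ERROR_COMMAND_NOT_ADMIN_MSG);
        }

        $requiredRights = $cmdRights['rights'] ?? null;
        if ($requiredRights !== null) {
            // Any single listed right is sufficient.
            foreach ((array) $requiredRights as $aRight) {
                if (self::hasRight($aRight)) {
                    return true;
                }
            }
            return self::deny(ERROR_NOT_AUTHOTRIZED, ERROR_NOT_AUTHOTRIZED_MSG);
        }

        return true;
    }

    /**
     * Whether a named right is granted to the current session.
     *
     * 'timetracking' and 'tasks' are also granted to admins, 'timemanager'
     * and 'tasksmanagement' only to sessions carrying their own flag
     * (NOTE(review): this asymmetry is preserved from the original rules;
     * confirm it is intended). Unknown right names are never granted.
     *
     * @param mixed $right Right name from a command's "rights" list.
     */
    private static function hasRight($right): bool {
        // Each named right lists the session flags that grant it; the first set flag wins.
        static $grants = [
            'timetracking'    => ['is_admin', 'right_timetracking'],
            'timemanager'     => ['right_timemanager'],
            'tasks'           => ['is_admin', 'right_tasks'],
            'tasksmanagement' => ['right_tasksmanagement'],
        ];

        if (!is_string($right) || !isset($grants[$right])) {
            return false;
        }

        foreach ($grants[$right] as $flag) {
            if (self::sessionFlag($flag)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Truthiness of a $_SESSION entry; a missing entry counts as false.
     */
    private static function sessionFlag(string $key): bool {
        return !empty($_SESSION[$key]);
    }

    /**
     * Whether a 0/1 flag in a command rule is set to 1; a missing key counts as 0.
     *
     * @param array  $cmdRights Rule array for one command.
     * @param string $key       'loggedin' or 'isadmin'.
     */
    private static function ruleFlag(array $cmdRights, string $key): bool {
        return (int) ($cmdRights[$key] ?? 0) === 1;
    }

    /**
     * Emits the JSON error object the client expects and signals denial.
     *
     * @param mixed $code Error code constant.
     * @param mixed $msg  Error message constant.
     * @return bool always false, so callers can `return self::deny(...)`.
     */
    private static function deny($code, $msg): bool {
        echo json_encode(["status" => "ERROR", "code" => $code, "msg" => $msg]);
        return false;
    }
}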