Move "submanage" Session value into own methods
This commit is contained in:
Philipp
parent
cafb23f8f0
commit
44a9683008
|
|
@ -32,7 +32,7 @@ function removeme_post(App $a)
|
|||
return;
|
||||
}
|
||||
|
||||
if (!empty($_SESSION['submanage'])) {
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ function settings_post(App $a)
|
|||
return;
|
||||
}
|
||||
|
||||
if (!empty($_SESSION['submanage'])) {
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -152,7 +152,7 @@ function settings_content(App $a)
|
|||
return Login::form();
|
||||
}
|
||||
|
||||
if (!empty($_SESSION['submanage'])) {
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.'));
|
||||
return '';
|
||||
}
|
||||
|
|
|
|||
|
|
@ -287,7 +287,7 @@ class Nav
|
|||
$nav['messages']['outbox'] = ['message/sent', DI::l10n()->t('Outbox'), '', DI::l10n()->t('Outbox')];
|
||||
$nav['messages']['new'] = ['message/new', DI::l10n()->t('New Message'), '', DI::l10n()->t('New Message')];
|
||||
|
||||
if (User::hasIdentities(DI::session()->get('submanage') ?: DI::userSession()->getLocalUserId())) {
|
||||
if (User::hasIdentities(DI::userSession()->getSubManagedUserId() ?: DI::userSession()->getLocalUserId())) {
|
||||
$nav['delegation'] = ['delegation', DI::l10n()->t('Accounts'), '', DI::l10n()->t('Manage other pages')];
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -72,6 +72,20 @@ interface IHandleUserSessions
|
|||
*/
|
||||
public function isAuthenticated(): bool;
|
||||
|
||||
/**
|
||||
* Returns User ID of the managed user in case it's a different identity
|
||||
*
|
||||
* @return int|bool uid of the manager or false
|
||||
*/
|
||||
public function getSubManagedUserId();
|
||||
|
||||
/**
|
||||
* Sets the User ID of the managed user in case it's a different identity
|
||||
*
|
||||
* @param int $managed_uid The user id of the managing user
|
||||
*/
|
||||
public function setSubManagedUserId(int $managed_uid): void;
|
||||
|
||||
/**
|
||||
* Set the session variable that contains the contact IDs for the visitor's contact URL
|
||||
*
|
||||
|
|
|
|||
|
|
@ -118,4 +118,16 @@ class UserSession implements IHandleUserSessions
|
|||
{
|
||||
$this->session->set('remote', Contact::getVisitorByUrl($this->session->get('my_url')));
|
||||
}
|
||||
|
||||
/** {@inheritDoc} */
|
||||
public function getSubManagedUserId()
|
||||
{
|
||||
return $this->session->get('submanage') ?? false;
|
||||
}
|
||||
|
||||
/** {@inheritDoc} */
|
||||
public function setSubManagedUserId(int $managed_uid): void
|
||||
{
|
||||
$this->session->set('submanage', $managed_uid);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -63,7 +63,7 @@ abstract class BaseAdmin extends BaseModule
|
|||
throw new HTTPException\ForbiddenException(DI::l10n()->t('You don\'t have access to administration pages.'));
|
||||
}
|
||||
|
||||
if (!empty($_SESSION['submanage'])) {
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
throw new HTTPException\ForbiddenException(DI::l10n()->t('Submanaged account can\'t access the administration pages. Please log back in as the main account.'));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,8 +45,8 @@ class Delegation extends BaseModule
|
|||
$uid = DI::userSession()->getLocalUserId();
|
||||
$orig_record = User::getById(DI::app()->getLoggedInUserId());
|
||||
|
||||
if (DI::session()->get('submanage')) {
|
||||
$user = User::getById(DI::session()->get('submanage'));
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
$user = User::getById(DI::userSession()->getSubManagedUserId());
|
||||
if (DBA::isResult($user)) {
|
||||
$uid = intval($user['uid']);
|
||||
$orig_record = $user;
|
||||
|
|
@ -101,7 +101,7 @@ class Delegation extends BaseModule
|
|||
DI::auth()->setForUser(DI::app(), $user, true, true);
|
||||
|
||||
if ($limited_id) {
|
||||
DI::session()->set('submanage', $original_id);
|
||||
DI::userSession()->setSubManagedUserId($original_id);
|
||||
}
|
||||
|
||||
$ret = [];
|
||||
|
|
@ -118,7 +118,7 @@ class Delegation extends BaseModule
|
|||
throw new ForbiddenException(DI::l10n()->t('Permission denied.'));
|
||||
}
|
||||
|
||||
$identities = User::identities(DI::session()->get('submanage', DI::userSession()->getLocalUserId()));
|
||||
$identities = User::identities(DI::userSession()->getSubManagedUserId() ?: DI::userSession()->getLocalUserId());
|
||||
|
||||
//getting additinal information for each identity
|
||||
foreach ($identities as $key => $identity) {
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ class Delegation extends BaseSettings
|
|||
$user_id = $args->get(3);
|
||||
|
||||
if ($action === 'add' && $user_id) {
|
||||
if (DI::session()->get('submanage')) {
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
|
||||
DI::baseUrl()->redirect('settings/delegation');
|
||||
}
|
||||
|
|
@ -98,7 +98,7 @@ class Delegation extends BaseSettings
|
|||
}
|
||||
|
||||
if ($action === 'remove' && $user_id) {
|
||||
if (DI::session()->get('submanage')) {
|
||||
if (DI::userSession()->getSubManagedUserId()) {
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
|
||||
DI::baseUrl()->redirect('settings/delegation');
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user