mirror of
https://github.com/FH-Complete/FHC-Core.git
synced 2026-06-01 20:29:29 +00:00
Paolo
81e4f2968e
- Added new core controller called Auth_Controller that extends FHC_Controller and manage the authentication - All the controllers that were extending the CI_Controller now they extend the FHC_Controller - All the controllers that were extending the FHC_Controller now they extend the Auth_Controller - Added the method isAllowed to the FiltersLib to check if the authenticated user has the required permissions - FilterWidget and controller Filters are using the method isAllowed from the FiltersLib
39 lines
982 B
PHP
39 lines
982 B
PHP
<?php
|
|
|
|
if (! defined('BASEPATH')) exit('No direct script access allowed');
|
|
|
|
class Auth_Controller extends FHC_Controller
|
|
{
|
|
/**
|
|
* Extends this controller if authentication is required
|
|
*/
|
|
public function __construct($requiredPermissions)
|
|
{
|
|
parent::__construct();
|
|
|
|
// Loads authentication helper
|
|
$this->load->helper('fhcauth');
|
|
|
|
// Checks if the caller is allowed to access to this content
|
|
$this->_isAllowed($requiredPermissions);
|
|
}
|
|
|
|
/**
|
|
* Checks if the caller is allowed to access to this content with the given permissions
|
|
* If it is not allowed will set the HTTP header with code 401
|
|
* Wrapper for _checkPermissions
|
|
*/
|
|
private function _isAllowed($requiredPermissions)
|
|
{
|
|
// Loads permission lib
|
|
$this->load->library('PermissionLib');
|
|
|
|
if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method))
|
|
{
|
|
header('HTTP/1.0 401 Unauthorized');
|
|
echo 'You are not allowed to access to this content';
|
|
exit;
|
|
}
|
|
}
|
|
}
|