Fix INFOS mgmt
This commit is contained in:
parent
339585721e
commit
1a18864830
@ -3,7 +3,7 @@
|
|||||||
Plugin Name: Auth Manager Plus
|
Plugin Name: Auth Manager Plus
|
||||||
Plugin URI: https://github.com/joshp23/YOURLS-AuthMgrPlus
|
Plugin URI: https://github.com/joshp23/YOURLS-AuthMgrPlus
|
||||||
Description: Role Based Access Controlls with seperated user data for authenticated users
|
Description: Role Based Access Controlls with seperated user data for authenticated users
|
||||||
Version: 1.0.5
|
Version: 1.0.6
|
||||||
Author: Josh Panter, nicwaller, Ian Barber <ian.barber@gmail.com>
|
Author: Josh Panter, nicwaller, Ian Barber <ian.barber@gmail.com>
|
||||||
Author URI: https://unfettered.net
|
Author URI: https://unfettered.net
|
||||||
*/
|
*/
|
||||||
@ -290,23 +290,31 @@ function amp_admin_list_where($where) {
|
|||||||
|
|
||||||
return $where;
|
return $where;
|
||||||
}
|
}
|
||||||
|
|
||||||
// API stats
|
// API stats
|
||||||
yourls_add_filter( 'api_url_stats', 'amp_api_url_stats' );
|
yourls_add_filter( 'api_url_stats', 'amp_api_url_stats' );
|
||||||
function amp_api_url_stats( $return, $shorturl ) {
|
function amp_api_url_stats( $return, $shorturl ) {
|
||||||
|
|
||||||
$keyword = str_replace( YOURLS_SITE . '/' , '', $shorturl ); // accept either 'http://ozh.in/abc' or 'abc'
|
$keyword = str_replace( YOURLS_SITE . '/' , '', $shorturl ); // accept either 'http://ozh.in/abc' or 'abc'
|
||||||
$keyword = yourls_sanitize_string( $keyword );
|
$keyword = yourls_sanitize_string( $keyword );
|
||||||
$keyword = addslashes($keyword);
|
$keyword = addslashes($keyword);
|
||||||
|
|
||||||
if(amp_access_keyword($keyword))
|
if( ( !defined('YOURLS_PRIVATE_INFOS') || YOURLS_PRIVATE_INFOS !== false )
|
||||||
return $return;
|
&& !amp_access_keyword($keyword) )
|
||||||
else
|
|
||||||
return array('simple' => "URL is owned by another user", 'message' => 'URL is owned by another user', 'errorCode' => 403);
|
return array('simple' => "URL is owned by another user", 'message' => 'URL is owned by another user', 'errorCode' => 403);
|
||||||
|
|
||||||
|
else
|
||||||
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Info pages
|
// Info pages
|
||||||
yourls_add_action( 'pre_yourls_infos', 'amp_pre_yourls_infos' );
|
yourls_add_action( 'pre_yourls_infos', 'amp_pre_yourls_infos' );
|
||||||
function amp_pre_yourls_infos( $keyword ) {
|
function amp_pre_yourls_infos( $keyword ) {
|
||||||
if( !amp_access_keyword($keyword) ) {
|
|
||||||
|
if( yourls_is_private() && !amp_access_keyword($keyword) ) {
|
||||||
|
|
||||||
$authenticated = yourls_is_valid_user();
|
$authenticated = yourls_is_valid_user();
|
||||||
|
|
||||||
if ( $authenticated === true )
|
if ( $authenticated === true )
|
||||||
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
||||||
else
|
else
|
||||||
@ -459,6 +467,7 @@ function amp_activated() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/***************** HELPER FUNCTIONS ********************/
|
/***************** HELPER FUNCTIONS ********************/
|
||||||
|
|
||||||
// List currently available capabilities
|
// List currently available capabilities
|
||||||
@ -518,6 +527,7 @@ function amp_access_keyword( $keyword ) {
|
|||||||
|
|
||||||
return $result > 0;
|
return $result > 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check user rights to a keyword ( can manage it )
|
// Check user rights to a keyword ( can manage it )
|
||||||
function amp_manage_keyword( $keyword, $capability ) {
|
function amp_manage_keyword( $keyword, $capability ) {
|
||||||
// only authenticated users can manaage keywords
|
// only authenticated users can manaage keywords
|
||||||
@ -548,6 +558,7 @@ function amp_manage_keyword( $keyword, $capability ) {
|
|||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check keyword ownership
|
// Check keyword ownership
|
||||||
function amp_keyword_owner( $keyword ) {
|
function amp_keyword_owner( $keyword ) {
|
||||||
global $ydb;
|
global $ydb;
|
||||||
|
Loading…
Reference in New Issue
Block a user