beatify code
This commit is contained in:
parent
04bdfc1ed0
commit
f562ab8fa1
@ -38,7 +38,6 @@ class AuthmgrCapability {
|
|||||||
const ViewStats = 'ViewStats';
|
const ViewStats = 'ViewStats';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/********** Add hooks to intercept functionality in CORE ********/
|
/********** Add hooks to intercept functionality in CORE ********/
|
||||||
|
|
||||||
yourls_add_action( 'load_template_infos', 'authmgr_intercept_stats' );
|
yourls_add_action( 'load_template_infos', 'authmgr_intercept_stats' );
|
||||||
@ -69,29 +68,29 @@ yourls_add_action( 'auth_successful', 'authmgr_intercept_admin' );
|
|||||||
function authmgr_intercept_admin() {
|
function authmgr_intercept_admin() {
|
||||||
authmgr_require_capability( AuthmgrCapability::ShowAdmin );
|
authmgr_require_capability( AuthmgrCapability::ShowAdmin );
|
||||||
|
|
||||||
// we use this GET param to send up a feedback notice to user
|
// we use this GET param to send up a feedback notice to user
|
||||||
if ( isset( $_GET['access'] ) && $_GET['access']=='denied' ) {
|
if ( isset( $_GET['access'] ) && $_GET['access']=='denied' ) {
|
||||||
yourls_add_notice('Access Denied');
|
yourls_add_notice('Access Denied');
|
||||||
}
|
}
|
||||||
|
|
||||||
$action_capability_map = array(
|
$action_capability_map = array(
|
||||||
'add' => AuthmgrCapability::AddURL,
|
'add' => AuthmgrCapability::AddURL,
|
||||||
'delete' => AuthmgrCapability::DeleteURL,
|
'delete' => AuthmgrCapability::DeleteURL,
|
||||||
'edit_display' => AuthmgrCapability::EditURL,
|
'edit_display' => AuthmgrCapability::EditURL,
|
||||||
'edit_save' => AuthmgrCapability::EditURL,
|
'edit_save' => AuthmgrCapability::EditURL,
|
||||||
'activate' => AuthmgrCapability::ManagePlugins,
|
'activate' => AuthmgrCapability::ManagePlugins,
|
||||||
'deactivate' => AuthmgrCapability::ManagePlugins,
|
'deactivate' => AuthmgrCapability::ManagePlugins,
|
||||||
);
|
);
|
||||||
// allow manipulation of this list
|
// allow manipulation of this list
|
||||||
yourls_apply_filter( authmgr_action_capability_map, $action_capability_map);
|
yourls_apply_filter( authmgr_action_capability_map, $action_capability_map);
|
||||||
|
|
||||||
// intercept requests for plugin management
|
// intercept requests for plugin management
|
||||||
if ( isset( $_REQUEST['plugin'] ) ) {
|
if ( isset( $_REQUEST['plugin'] ) ) {
|
||||||
$action_keyword = $_REQUEST['action'];
|
$action_keyword = $_REQUEST['action'];
|
||||||
$cap_needed = $action_capability_map[$action_keyword];
|
$cap_needed = $action_capability_map[$action_keyword];
|
||||||
if ( $cap_needed !== NULL && authmgr_have_capability( $cap_needed ) !== true) {
|
if ( $cap_needed !== NULL && authmgr_have_capability( $cap_needed ) !== true) {
|
||||||
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Key actions like Add/Edit/Delete are AJAX requests
|
// Key actions like Add/Edit/Delete are AJAX requests
|
||||||
@ -116,8 +115,8 @@ yourls_add_filter( 'logout_link', 'authmgr_html_append_roles' );
|
|||||||
* currently available, just by mousing over the username in the logout link.
|
* currently available, just by mousing over the username in the logout link.
|
||||||
*/
|
*/
|
||||||
function authmgr_html_append_roles( $original ) {
|
function authmgr_html_append_roles( $original ) {
|
||||||
$authenticated = yourls_is_valid_user();
|
$authenticated = yourls_is_valid_user();
|
||||||
if ( $authenticated === true ) {
|
if ( $authenticated === true ) {
|
||||||
$listcaps = implode(', ', authmgr_enumerate_current_capabilities());
|
$listcaps = implode(', ', authmgr_enumerate_current_capabilities());
|
||||||
return '<div title="'.$listcaps.'">'.$original.'</div>';
|
return '<div title="'.$listcaps.'">'.$original.'</div>';
|
||||||
} else {
|
} else {
|
||||||
@ -139,7 +138,7 @@ function authmgr_require_capability( $capability ) {
|
|||||||
die('Require permissions to show admin interface.');
|
die('Require permissions to show admin interface.');
|
||||||
}
|
}
|
||||||
// Otherwise, render errors in admin interface
|
// Otherwise, render errors in admin interface
|
||||||
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -150,13 +149,13 @@ function authmgr_require_capability( $capability ) {
|
|||||||
function authmgr_enumerate_current_capabilities() {
|
function authmgr_enumerate_current_capabilities() {
|
||||||
$current_capabilities = array();
|
$current_capabilities = array();
|
||||||
$all_capabilities = authmgr_enumerate_all_capabilities();
|
$all_capabilities = authmgr_enumerate_all_capabilities();
|
||||||
|
|
||||||
foreach ( $all_capabilities as $cap ) {
|
foreach ( $all_capabilities as $cap ) {
|
||||||
if ( authmgr_have_capability( $cap ) ) {
|
if ( authmgr_have_capability( $cap ) ) {
|
||||||
$current_capabilities[] = $cap;
|
$current_capabilities[] = $cap;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $current_capabilities;
|
return $current_capabilities;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -181,7 +180,7 @@ function authmgr_enumerate_all_capabilities() {
|
|||||||
* only change 'false' to 'true', never the other way around.
|
* only change 'false' to 'true', never the other way around.
|
||||||
*/
|
*/
|
||||||
function authmgr_have_capability( $capability ) {
|
function authmgr_have_capability( $capability ) {
|
||||||
return yourls_apply_filter( AUTHMGR_ALLOW, false, $capability);
|
return yourls_apply_filter( AUTHMGR_ALLOW, false, $capability);
|
||||||
}
|
}
|
||||||
|
|
||||||
/******************* FILTERS THAT GRANT CAPABILITIES *****************************/
|
/******************* FILTERS THAT GRANT CAPABILITIES *****************************/
|
||||||
@ -225,7 +224,7 @@ function authmgr_check_user_capability( $original, $capability ) {
|
|||||||
|
|
||||||
// Enumerate the capabilities available to this user through roles
|
// Enumerate the capabilities available to this user through roles
|
||||||
$user_caps = array();
|
$user_caps = array();
|
||||||
|
|
||||||
foreach ( $authmgr_role_capabilities as $rolename => $rolecaps ) {
|
foreach ( $authmgr_role_capabilities as $rolename => $rolecaps ) {
|
||||||
if ( authmgr_user_has_role( YOURLS_USER, $rolename ) ) {
|
if ( authmgr_user_has_role( YOURLS_USER, $rolename ) ) {
|
||||||
$user_caps = array_merge( $user_caps, $rolecaps );
|
$user_caps = array_merge( $user_caps, $rolecaps );
|
||||||
@ -335,14 +334,14 @@ function authmgr_environment_check() {
|
|||||||
AuthmgrCapability::EditURL,
|
AuthmgrCapability::EditURL,
|
||||||
AuthmgrCapability::ManagePlugins,
|
AuthmgrCapability::ManagePlugins,
|
||||||
AuthmgrCapability::API,
|
AuthmgrCapability::API,
|
||||||
AuthmgrCapability::ViewStats,
|
AuthmgrCapability::ViewStats,
|
||||||
),
|
),
|
||||||
AuthmgrRoles::Editor => array(
|
AuthmgrRoles::Editor => array(
|
||||||
AuthmgrCapability::ShowAdmin,
|
AuthmgrCapability::ShowAdmin,
|
||||||
AuthmgrCapability::AddURL,
|
AuthmgrCapability::AddURL,
|
||||||
AuthmgrCapability::EditURL,
|
AuthmgrCapability::EditURL,
|
||||||
AuthmgrCapability::DeleteURL,
|
AuthmgrCapability::DeleteURL,
|
||||||
AuthmgrCapability::ViewStats,
|
AuthmgrCapability::ViewStats,
|
||||||
),
|
),
|
||||||
AuthmgrRoles::Contributor => array(
|
AuthmgrRoles::Contributor => array(
|
||||||
AuthmgrCapability::ShowAdmin,
|
AuthmgrCapability::ShowAdmin,
|
||||||
@ -382,12 +381,11 @@ function authmgr_environment_check() {
|
|||||||
* Borrowed from:
|
* Borrowed from:
|
||||||
* http://stackoverflow.com/questions/594112/matching-an-ip-to-a-cidr-mask-in-php5
|
* http://stackoverflow.com/questions/594112/matching-an-ip-to-a-cidr-mask-in-php5
|
||||||
*/
|
*/
|
||||||
function authmgr_cidr_match($ip, $range)
|
function authmgr_cidr_match($ip, $range) {
|
||||||
{
|
list ($subnet, $bits) = split('/', $range);
|
||||||
list ($subnet, $bits) = split('/', $range);
|
$ip = ip2long($ip);
|
||||||
$ip = ip2long($ip);
|
$subnet = ip2long($subnet);
|
||||||
$subnet = ip2long($subnet);
|
$mask = -1 << (32 - $bits);
|
||||||
$mask = -1 << (32 - $bits);
|
$subnet &= $mask; # nb: in case the supplied subnet wasn't correctly aligned
|
||||||
$subnet &= $mask; # nb: in case the supplied subnet wasn't correctly aligned
|
return ($ip & $mask) == $subnet;
|
||||||
return ($ip & $mask) == $subnet;
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user