Converted TODO lines into GitHub issues
parent
67e55fd7ff
commit
fa75a38a3d
@ -58,8 +58,6 @@ yourls_add_action( 'admin_init', 'authmgr_intercept_admin' );
|
||||
* to add a unique hook for each action, but unfortunately we need to
|
||||
* hook the admin page load itself, and try to figure out what action
|
||||
* is intended.
|
||||
*
|
||||
* TODO: Maybe YOURLS could be improved with more detailed action hooks.
|
||||
*/
|
||||
function authmgr_intercept_admin() {
|
||||
authmgr_require_capability( AuthmgrCapability::ShowAdmin );
|
||||
@ -126,8 +124,6 @@ function authmgr_html_append_roles( $original ) {
|
||||
*/
|
||||
function authmgr_require_capability( $capability ) {
|
||||
if ( !authmgr_have_capability( $capability ) ) {
|
||||
// TODO: display a much nicer error page
|
||||
//die('Sorry, you are not authorized for the action: '.$capability);
|
||||
yourls_redirect( yourls_admin_url( '?access=denied' ), 302 );
|
||||
die();
|
||||
}
|
||||
@ -150,7 +146,6 @@ function authmgr_enumerate_current_capabilities() {
|
||||
}
|
||||
|
||||
function authmgr_enumerate_all_capabilities() {
|
||||
// TODO: generalize this, instead of just repeating the total declaration
|
||||
return array(
|
||||
AuthmgrCapability::ShowAdmin,
|
||||
AuthmgrCapability::AddURL,
|
||||
@ -169,10 +164,6 @@ function authmgr_enumerate_all_capabilities() {
|
||||
* is permitted in the current context. Any function in the filter
|
||||
* chain can change the response, but well-behaved functions will
|
||||
* only change 'false' to 'true', never the other way around.
|
||||
*
|
||||
* TODO: how to convey context when we later implement "ownership" on
|
||||
* URL rows? maybe send an array that includes capabilitity
|
||||
* and other context variables.
|
||||
*/
|
||||
function authmgr_have_capability( $capability ) {
|
||||
return yourls_apply_filter( AUTHMGR_ALLOW, false, $capability);
|
||||
@ -201,10 +192,6 @@ function authmgr_check_anon_capability( $original, $capability ) {
|
||||
|
||||
/*
|
||||
* What capabilities are available through role assignments to the active user?
|
||||
*
|
||||
* TODO: maybe pre-calculate an access token for the current user with all
|
||||
* of the permitted capabilities. Then this function would simply
|
||||
* check the contents of the access token.
|
||||
*/
|
||||
yourls_add_filter( AUTHMGR_ALLOW, 'authmgr_check_user_capability', 10 );
|
||||
function authmgr_check_user_capability( $original, $capability ) {
|
||||
@ -270,22 +257,14 @@ function authmgr_check_apiuser_capability( $original, $capability ) {
|
||||
// In API mode and not using user/path authn? Let it go.
|
||||
if ( yourls_is_API() && !isset($_REQUEST['username']) )
|
||||
return true;
|
||||
// TODO: add controls for actions, like
|
||||
// shorturl, stats, db-stats, url-stats, expand
|
||||
|
||||
return $original;
|
||||
}
|
||||
|
||||
/******************** ROLE TEST AND ENUMERATION ***********************/
|
||||
|
||||
/*
|
||||
* TODO: consider moving roles into a database table, and manipulate with web GUI
|
||||
* TODO: consider allowing other plugins to contribute capabilities with a filter chain
|
||||
*/
|
||||
|
||||
/*
|
||||
* Determine whether a specific user has a role.
|
||||
* TODO: don't use filter chains for role enumeration. that's silly.
|
||||
*/
|
||||
function authmgr_user_has_role( $username, $rolename ) {
|
||||
return yourls_apply_filter( AUTHMGR_HASROLE, false, $username, $rolename );
|
||||
@ -331,7 +310,7 @@ function authmgr_environment_check() {
|
||||
if ( !isset( $authmgr_anon_capabilities) ) {
|
||||
$authmgr_anon_capabilities = array(
|
||||
AuthmgrCapability::API,
|
||||
AuthmgrCapability::ShowAdmin,//TODO: hack! how to allow logon page?
|
||||
AuthmgrCapability::ShowAdmin,
|
||||
);
|
||||
}
|
||||
|
||||
@ -373,7 +352,6 @@ function authmgr_environment_check() {
|
||||
|
||||
// convert role assignment table to lower case if it hasn't been done already
|
||||
// this makes searches much easier!
|
||||
// TODO: avoid doing this every time we validate
|
||||
$authmgr_role_assignment_lower = array();
|
||||
foreach ( $authmgr_role_assignment as $key => $value ) {
|
||||
$t_key = strtolower( $key );
|
||||
|
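Review bot: In `authmgr_check_apiuser_capability` (hunk at -270), the context line `if ( yourls_is_API() && !isset($_REQUEST['username']) ) return true;` approves whatever `$capability` was requested, and the TODO removed here was the only in-code marker that per-action controls (shorturl, stats, db-stats, url-stats, expand) are still missing. The same holds in the `authmgr_environment_check` hunk at -331, where `AuthmgrCapability::ShowAdmin` stays in the default anonymous capability list but the comment flagging it as a workaround is gone. Someone auditing the file will not see the issue tracker, so I would keep a one-line caveat at each site, for example `// NOTE: allows every capability for API calls without 'username'; per-action checks tracked in issue #<ISSUE_ID>` and `AuthmgrCapability::ShowAdmin, // granted to anonymous, apparently so the logon page can load; see issue #<ISSUE_ID>`. Both functions start or end outside their hunks, so any earlier checks in them are not visible here.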