dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix permissions when not using a session

This commit is contained in:
FusionPBX 2024-11-26 21:48:08 -07:00 committed by GitHub
parent b7afc086ec
commit 5d7a124a79
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
resources/classes/permissions.php
View File

@ -80,7 +80,7 @@ if (!class_exists('permissions')) {
//get the list of groups assigned to the user //get the list of groups assigned to the user
if (!empty($this->groups)) { if (!empty($this->groups)) {
$this->permissions = $this->assigned(); $this->assigned();
} }
} }
} }
@ -99,7 +99,7 @@ if (!class_exists('permissions')) {
public function add($permission, $type) { public function add($permission, $type) {
//add the permission if it is not in array //add the permission if it is not in array
if (!$this->exists($permission)) { if (!$this->exists($permission)) {
$_SESSION["permissions"][$permission] = $type; $this->permissions[$permission] = $type;
} }
} }
@ -108,15 +108,15 @@ if (!class_exists('permissions')) {
* @var string $permission * @var string $permission
*/ */
public function delete($permission, $type) { public function delete($permission, $type) {
if ($this->exists($permission) && !empty($_SESSION["permissions"][$permission])) { if ($this->exists($permission) && !empty($this->permissions[$permission])) {
if ($type === "temp") { if ($type === "temp") {
if ($_SESSION["permissions"][$permission] === "temp") { if ($this->permissions[$permission] === "temp") {
unset($_SESSION["permissions"][$permission]); unset($this->permissions[$permission]);
} }
} }
else { else {
if ($_SESSION["permissions"][$permission] !== "temp") { if ($this->permissions[$permission] !== "temp") {
unset($_SESSION["permissions"][$permission]); unset($this->permissions[$permission]);
} }
} }
} }
@ -145,8 +145,9 @@ if (!class_exists('permissions')) {
* get the assigned permissions * get the assigned permissions
* @var array $groups * @var array $groups
*/ */
public function assigned() { private function assigned() {
//define the array //define the array
$permissions = [];
$parameter_names = []; $parameter_names = [];
//return empty array if there are no groups //return empty array if there are no groups
@ -170,9 +171,15 @@ if (!class_exists('permissions')) {
$sql .= "and group_name in (".implode(", ", $parameter_names).") \n"; $sql .= "and group_name in (".implode(", ", $parameter_names).") \n";
$sql .= "and permission_assigned = 'true' "; $sql .= "and permission_assigned = 'true' ";
$parameters['domain_uuid'] = $this->domain_uuid; $parameters['domain_uuid'] = $this->domain_uuid;
$permissions = $this->database->select($sql, $parameters, 'all'); $group_permissions = $this->database->select($sql, $parameters, 'all');
unset($sql, $parameters, $result);
return $permissions; //format the permission array
foreach ($group_permissions as $row) {
$permissions[$row['permission_name']] = 1;
}
//save permissions to this object
$this->permissions = $permissions;
} }
/** /**