Moved security disabling from Api to Access
This commit is contained in:
Marcin Kurczewski
parent
f254e7bb1e
commit
a74b133cfc
3 changed files with 22 additions and 19 deletions
|
|
@ -2,6 +2,7 @@
|
|||
class Access
|
||||
{
|
||||
private static $privileges = [];
|
||||
private static $checkPrivileges = true;
|
||||
|
||||
public static function init()
|
||||
{
|
||||
|
|
@ -30,11 +31,15 @@ class Access
|
|||
self::$privileges[$privilegeName] = $minAccessRank;
|
||||
}
|
||||
}
|
||||
|
||||
//todo: move to scripts etc.
|
||||
#if (php_sapi_name() == 'cli')
|
||||
# self::disablePrivilegeChecking();
|
||||
}
|
||||
|
||||
public static function check(Privilege $privilege, $user = null)
|
||||
{
|
||||
if (php_sapi_name() == 'cli')
|
||||
if (!self::$checkPrivileges)
|
||||
return true;
|
||||
|
||||
if ($user === null)
|
||||
|
|
@ -62,6 +67,9 @@ class Access
|
|||
|
||||
public static function checkEmailConfirmation($user = null)
|
||||
{
|
||||
if (!self::$checkPrivileges)
|
||||
return true;
|
||||
|
||||
if ($user === null)
|
||||
$user = Auth::getCurrentUser();
|
||||
|
||||
|
|
@ -102,7 +110,7 @@ class Access
|
|||
|
||||
public static function getAllowedSafety()
|
||||
{
|
||||
if (php_sapi_name() == 'cli')
|
||||
if (!self::$checkPrivileges)
|
||||
return PostSafety::getAll();
|
||||
|
||||
return array_filter(PostSafety::getAll(), function($safety)
|
||||
|
|
@ -111,4 +119,14 @@ class Access
|
|||
and Auth::getCurrentUser()->hasEnabledSafety($safety);
|
||||
});
|
||||
}
|
||||
|
||||
public static function disablePrivilegeChecking()
|
||||
{
|
||||
self::$checkPrivileges = false;
|
||||
}
|
||||
|
||||
public static function enablePrivilegeChecking()
|
||||
{
|
||||
self::$checkPrivileges = true;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
<?php
|
||||
final class Api
|
||||
{
|
||||
protected static $checkPrivileges = true;
|
||||
|
||||
public static function run($job, $jobArgs)
|
||||
{
|
||||
$user = Auth::getCurrentUser();
|
||||
|
|
@ -20,9 +18,6 @@ final class Api
|
|||
|
||||
public static function checkPrivileges(AbstractJob $job)
|
||||
{
|
||||
if (!self::$checkPrivileges)
|
||||
return;
|
||||
|
||||
if ($job->requiresAuthentication())
|
||||
Access::assertAuthentication();
|
||||
|
||||
|
|
@ -53,14 +48,4 @@ final class Api
|
|||
});
|
||||
return $statuses;
|
||||
}
|
||||
|
||||
public static function disablePrivilegeChecking()
|
||||
{
|
||||
self::$checkPrivileges = false;
|
||||
}
|
||||
|
||||
public static function enablePrivilegeChecking()
|
||||
{
|
||||
self::$checkPrivileges = true;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,9 +19,9 @@ class AddUserJob extends AbstractJob
|
|||
: AccessRank::Registered;
|
||||
|
||||
Logger::bufferChanges();
|
||||
Api::disablePrivilegeChecking();
|
||||
Access::disablePrivilegeChecking();
|
||||
Api::run((new EditUserJob)->skipSaving(), $arguments);
|
||||
Api::enablePrivilegeChecking();
|
||||
Access::enablePrivilegeChecking();
|
||||
Logger::setBuffer([]);
|
||||
|
||||
if ($firstUser)
|
||||
|
|
|
|||
Loading…
Reference in a new issue