Updating controllers to a cleaner way of requiring the current user to be an administrator.
Closes #654
This commit is contained in:
parent
951e3b4827
commit
d6a700da59
@ -72,10 +72,23 @@ class Controller extends \b8\Controller
|
|||
return $this->response;
|
||||
}
|
||||
|
||||
/**
|
||||
* Require that the currently logged in user is an administrator.
|
||||
* @throws ForbiddenException
|
||||
*/
|
||||
protected function requireAdmin()
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
if (!$this->currentUserIsAdmin()) {
|
||||
throw new ForbiddenException('You do not have permission to do that.');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the currently logged in user is an administrator.
|
||||
* @return bool
|
||||
*/
|
||||
protected function currentUserIsAdmin()
|
||||
{
|
||||
return $_SESSION['phpci_user']->getIsAdmin();
|
||||
}
|
||||
}
|
||||
|
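Review bot: `currentUserIsAdmin()` dereferences `$_SESSION['phpci_user']` without first checking that the key is set, so a request that reaches a controller with no authenticated user produces a fatal "call to a member function on null" instead of the ForbiddenException that `requireAdmin()` documents — fail-closed, but a 500 rather than a 403. The `empty($_SESSION['phpci_user'])` guard the old BuildController::delete code carried is lost in the new helper, and whether a front-controller login check guarantees the key before any action runs is not visible on this page. Suggest `return isset($_SESSION['phpci_user']) && $_SESSION['phpci_user']->getIsAdmin();` and a line on the `requireAdmin()` docblock stating that an anonymous caller is rejected as well. Note also that the admin flag is read from the user object cached in the session rather than re-fetched from the store, so a revoked admin presumably keeps the privilege until the session is rebuilt — worth a comment if that trade-off is intended.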
|
|
@ -70,7 +70,7 @@ class BuildController extends \PHPCI\Controller
|
|||
),
|
||||
);
|
||||
|
||||
if ($_SESSION['phpci_user']->getIsAdmin()) {
|
||||
if ($this->currentUserIsAdmin()) {
|
||||
$nav['links']['build/delete/' . $build->getId()] = 'Delete Build';
|
||||
}
|
||||
|
||||
|
@ -156,9 +156,7 @@ class BuildController extends \PHPCI\Controller
|
|||
*/
|
||||
public function delete($buildId)
|
||||
{
|
||||
if (empty($_SESSION['phpci_user']) || !$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new \Exception('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$build = BuildFactory::getBuildById($buildId);
|
||||
|
||||
|
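Review bot: The `build/delete/<id>` entry added to the nav links means deletion is triggered by a plain GET link, and `delete()` now relies on `requireAdmin()` alone — no request-method or CSRF-token check is visible in the hunk, so unless the router restricts the verb elsewhere, a logged-in admin who loads a page containing `<img src="/build/delete/42">` deletes that build. The commit does not introduce this, but it replaces the only check in the method, so it is the natural place to add `if ($this->request->getMethod() !== 'POST') { throw new ForbiddenException('You do not have permission to do that.'); }` (the request object is already used the same way in ProjectController::edit) or a token check once the framework has one. The method body continues past the end of the hunk.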
|
|
@ -44,9 +44,7 @@ class PluginController extends \PHPCI\Controller
|
|||
|
||||
public function index()
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new \Exception('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$this->view->canWrite = is_writable(APPLICATION_PATH . 'composer.json');
|
||||
$this->view->required = $this->required;
|
||||
|
@ -72,9 +70,7 @@ class PluginController extends \PHPCI\Controller
|
|||
|
||||
public function remove()
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new \Exception('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$package = $this->getParam('package', null);
|
||||
$json = $this->getComposerJson();
|
||||
|
@ -93,9 +89,7 @@ class PluginController extends \PHPCI\Controller
|
|||
|
||||
public function install()
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new \Exception('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$package = $this->getParam('package', null);
|
||||
$version = $this->getParam('version', '*');
|
||||
|
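Review bot: `install()` and `remove()` now rely on `requireAdmin()` as the only gate before the `package` and `version` request parameters are used to modify composer.json, and no validation of those strings is visible in the hunks. Since this path lets an authenticated admin add arbitrary Composer packages to the application — plausibly arbitrary code on the CI host — it deserves a whitelist on the package name, e.g. `if (!preg_match('#^[a-z0-9_.-]+/[a-z0-9_.-]+$#i', $package)) { throw new ForbiddenException('Invalid package name.'); }`, and the same request-method/CSRF guard as the other state-changing actions; both method bodies continue outside the hunk, so this may already be handled below. The `is_writable(APPLICATION_PATH . 'composer.json')` check in `index()` also implies the web-server user can write the dependency manifest, a deployment assumption worth a comment at that line.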
|
|
@ -122,9 +122,7 @@ class ProjectController extends \PHPCI\Controller
|
|||
*/
|
||||
public function delete($projectId)
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new ForbiddenException('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$project = $this->projectStore->getById($projectId);
|
||||
$this->projectService->deleteProject($project);
|
||||
|
@ -227,9 +225,7 @@ class ProjectController extends \PHPCI\Controller
|
|||
*/
|
||||
public function edit($projectId)
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new ForbiddenException('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$method = $this->request->getMethod();
|
||||
$project = $this->projectStore->getById($projectId);
|
||||
|
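Review bot: `delete($projectId)` passes the result of `getById($projectId)` straight to `deleteProject()` with no check that a project was found; if `getById()` returns null for an unknown id (its contract is not visible here) the service receives null and the failure mode is an internal error rather than a 404. Suggest `if (!$project) { throw new /* the framework's not-found exception */ ...; }` between the two calls. As with the other delete actions on this commit, nothing in the hunk restricts the request method, so this remains a GET-reachable destructive action guarded only by the session's admin flag; the rest of the method is outside the hunk.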
|
|
@ -38,6 +38,8 @@ class SettingsController extends Controller
|
|||
|
||||
public function index()
|
||||
{
|
||||
$this->requireAdmin();
|
||||
|
||||
$this->layout->title = 'Settings';
|
||||
$this->view->settings = $this->settings;
|
||||
|
||||
|
@ -65,6 +67,8 @@ class SettingsController extends Controller
|
|||
|
||||
public function github()
|
||||
{
|
||||
$this->requireAdmin();
|
||||
|
||||
$this->settings['phpci']['github']['id'] = $this->getParam('githubid', '');
|
||||
$this->settings['phpci']['github']['secret'] = $this->getParam('githubsecret', '');
|
||||
$error = $this->storeSettings();
|
||||
|
@ -80,6 +84,8 @@ class SettingsController extends Controller
|
|||
|
||||
public function email()
|
||||
{
|
||||
$this->requireAdmin();
|
||||
|
||||
$this->settings['phpci']['email_settings'] = $this->getParams();
|
||||
$this->settings['phpci']['email_settings']['smtp_encryption'] = $this->getParam('smtp_encryption', 0);
|
||||
|
||||
|
@ -96,6 +102,8 @@ class SettingsController extends Controller
|
|||
|
||||
public function build()
|
||||
{
|
||||
$this->requireAdmin();
|
||||
|
||||
$this->settings['phpci']['build'] = $this->getParams();
|
||||
|
||||
$error = $this->storeSettings();
|
||||
|
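Review bot: `email()` and `build()` assign `$this->getParams()` — the entire request parameter bag — directly into `$this->settings['phpci'][...]` before `storeSettings()`, so any extra field the request carries is persisted verbatim into the settings store. `requireAdmin()` gates who may call these actions, not what they may write; copy only the expected keys, e.g. `$allowed = ['smtp_encryption', /* …the other expected email keys… */];` then `$this->settings['phpci']['email_settings'] = array_intersect_key($this->getParams(), array_flip($allowed));`, and likewise for the build settings. The `githubsecret` value stored in `github()` is a credential, so it is worth confirming that whatever `storeSettings()` (outside the hunk) writes is not web-readable.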
|
|
@ -115,9 +115,7 @@ class UserController extends Controller
|
|||
*/
|
||||
public function add()
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new ForbiddenException('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$this->layout->title = 'Add User';
|
||||
|
||||
|
@ -157,9 +155,7 @@ class UserController extends Controller
|
|||
*/
|
||||
public function edit($userId)
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new ForbiddenException('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$method = $this->request->getMethod();
|
||||
$user = $this->userStore->getById($userId);
|
||||
|
@ -253,9 +249,7 @@ class UserController extends Controller
|
|||
*/
|
||||
public function delete($userId)
|
||||
{
|
||||
if (!$_SESSION['phpci_user']->getIsAdmin()) {
|
||||
throw new ForbiddenException('You do not have permission to do that.');
|
||||
}
|
||||
$this->requireAdmin();
|
||||
|
||||
$user = $this->userStore->getById($userId);
|
||||
|
||||
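Review bot: `delete($userId)` now relies on `requireAdmin()` alone, and nothing in the hunk prevents an admin from deleting their own session user or the last remaining admin, which would lock everyone out of the admin-only screens this commit gates; the rest of the method is outside the hunk, so this may already be handled below. If not, a guard after `getById()` such as `if ($user === null || $user->getId() === $_SESSION['phpci_user']->getId()) { throw new ForbiddenException('You do not have permission to do that.'); }` would cover both the unknown-id and self-delete cases (assuming the user model exposes `getId()` like the build model does). Like the other delete actions, this one is reachable with no request-method or CSRF check visible here.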
|
|