[dev] application access with Perms (was: feature interest)
Brian M Dube
brian.dube at gotgoat.com
Sat Jul 19 13:14:30 PDT 2003
Here's what I did for Auth.php, but it still has the quirk of only
working for users, not groups.
Brian
--- Auth.php 14 Jul 2003 05:35:52 -0000 1.1.1.1
+++ Auth.php 19 Jul 2003 20:05:05 -0000
@@ -279,11 +279,28 @@
*/
function isAuthenticated($realm = null)
{
+ global $registry;
+
if (isset($_SESSION['__auth'])) {
if (!empty($_SESSION['__auth']['authenticated']) &&
!empty($_SESSION['__auth']['userID']) &&
$_SESSION['__auth']['realm'] == $realm) {
- return true;
+
+ // Check permissions for this user.
+ $_app = $registry->getApp();
+ require_once HORDE_BASE . '/lib/Perms.php';
+ $_perms = &Perms::singleton();
+
+ if ($_perms->exists($_app)) {
+ if ($_perms->hasPermission($_app, Auth::getAuth(),
_PERMS_READ)) {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ // Permission does not exist.
+ return true;
+ }
}
}
More information about the dev
mailing list