mirror/php-typemill
1
0
Fork 0
mirror of https://github.com/typemill/typemill.git synced 2025-07-30 19:00:32 +02:00
Code Issues Releases Wiki Activity

V2.4.2 added guest role for loginlink

Browse Source
This commit is contained in:
trendschau
2024-04-23 13:42:24 +02:00
parent 4d6726b7be
commit a4df3fc358
7 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
system/typemill/Controllers/ControllerApiSystemUsers.php
View File

@@ -223,7 +223,7 @@ class ControllerApiSystemUsers extends Controller
# check if loginlink is activated
$loginlink = false;
if($userdata['userrole'] == 'member' && isset($this->settings['loginlink']) && $this->settings['loginlink'])
if($userdata['userrole'] == 'guest' && isset($this->settings['loginlink']) && $this->settings['loginlink'])
{
$loginlink = true;
}

2
system/typemill/Controllers/ControllerWebAuth.php
View File

@@ -307,7 +307,7 @@ class ControllerWebAuth extends Controller
$userdata = $user->getUserData();
if($userdata['userrole'] != 'member')
if($userdata['userrole'] != 'guest')
{
if($securitylog)
{

2
system/typemill/Controllers/ControllerWebSystem.php
View File

@@ -362,7 +362,7 @@ class ControllerWebSystem extends Controller
$userdata = $user->getUserData();
$inspector = $request->getAttribute('c_userrole');
$loginlink = false;
if($userdata['userrole'] == 'member' && isset($this->settings['loginlink']) && $this->settings['loginlink'])
if($userdata['userrole'] == 'guest' && isset($this->settings['loginlink']) && $this->settings['loginlink'])
{
$loginlink = true;
}

6
system/typemill/Middleware/WebAuthorization.php
View File

@@ -28,14 +28,12 @@ class WebAuthorization implements MiddlewareInterface
}
public function process(Request $request, RequestHandler $handler) :Response
{
$test = $this->acl->isAllowed($request->getAttribute('c_userrole'), $this->resource, $this->action);
{
if(!$this->acl->isAllowed($request->getAttribute('c_userrole'), $this->resource, $this->action))
{
$response = new Response();
return $response->withHeader('Location', $this->router->urlFor('user.account'))->withStatus(302);
return $response->withHeader('Location', $this->router->urlFor('home'))->withStatus(302);
}
$response = $handler->handle($request);

6
system/typemill/settings/permissions.yaml
View File

@@ -1,3 +1,9 @@
guest:
name: guest
inherits: NULL
permissions:
account:
- 'none'
member:
name: member
inherits: NULL

4
system/typemill/settings/system.yaml
View File

@@ -292,8 +292,8 @@ fieldsetdeveloper:
loginlink:
type: checkbox
label: "Login with link"
checkboxlabel: "Allow selected users to login with a login link."
description: "If activated, you can allow login-links with a checkbox in the user profile. This is only available for member-roles since members have very limited rights. Login with a link can be helpful if you link from your software to a non-public documentation. Be aware of the low protection that this kind of logins have. If you integrate such links in a SaaS-software, then you should restrict access to your ips."
checkboxlabel: "Allow selected guest-users to login with a login link."
description: "If activated, you can allow login-links with a checkbox in the user profile. This is only available for guest-roles since guests do not have any rights. Login with a link can be helpful if you link from your software to a non-public documentation. Be aware of the low protection that this kind of logins has. If you integrate such links in a SaaS-software, then you should restrict access with login-links to your ips."
trustedloginreferrer:
type: text
label: "Trusted IPs for the login-link-referrer (comma separated)"