refactor(pages): replace superglobals with request/session abstractions
This commit is contained in:
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\AuthorizationService;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$user = $_SESSION['user'] ?? [];
|
||||
$user = $session['user'] ?? [];
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$uuid = trim((string) ($user['uuid'] ?? ''));
|
||||
if ($uuid === '') {
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\OperationsAuthorizationPolicy;
|
||||
use MintyPHP\Service\AddressBook\AddressBookServicesFactory;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(OperationsAuthorizationPolicy::ABILITY_ADDRESS_BOOK_VIEW);
|
||||
gridRequireGetRequest();
|
||||
@@ -19,7 +21,7 @@ foreach ($query as $rawKey => $rawValue) {
|
||||
$filters[$key] = $rawValue;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$addressBookService = (app(AddressBookServicesFactory::class))->createAddressBookService();
|
||||
$result = $addressBookService->buildGridResult($currentUserId, $filters);
|
||||
gridJsonDataResult(
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\AddressBook\AddressBookServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADDRESS_BOOK_VIEW);
|
||||
|
||||
$filterSchema = require __DIR__ . '/filter-schema.php';
|
||||
$query = requestInput()->queryAll();
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$addressBookService = (app(AddressBookServicesFactory::class))->createAddressBookService();
|
||||
$context = $addressBookService->buildIndexContext($currentUserId, $query);
|
||||
$activeTenants = $context['activeTenants'] ?? [];
|
||||
@@ -113,7 +115,7 @@ $filterChipMeta = [
|
||||
];
|
||||
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
|
||||
Buffer::set('title', t('Address book'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
|
||||
@@ -1,11 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADDRESS_BOOK_VIEW);
|
||||
|
||||
@@ -87,7 +91,7 @@ if (!Session::checkCsrfToken()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($userId <= 0) {
|
||||
Router::redirect('login');
|
||||
return;
|
||||
@@ -102,7 +106,7 @@ if ($uuid === '') {
|
||||
|
||||
$deleted = $userSavedFilterService->deleteAddressBookFilter($userId, $uuid);
|
||||
if ($deleted) {
|
||||
$_SESSION['address_book_saved_filters'] = $userSavedFilterService->listForAddressBook($userId);
|
||||
$sessionStore->set('address_book_saved_filters', $userSavedFilterService->listForAddressBook($userId));
|
||||
Flash::success(t('Filter deleted'), 'address-book', 'address_book_saved_filter_deleted');
|
||||
}
|
||||
|
||||
|
||||
@@ -1,11 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADDRESS_BOOK_VIEW);
|
||||
|
||||
@@ -87,7 +91,7 @@ if (!Session::checkCsrfToken()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($userId <= 0) {
|
||||
Router::redirect('login');
|
||||
return;
|
||||
@@ -111,6 +115,6 @@ if (!($result['ok'] ?? false)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$_SESSION['address_book_saved_filters'] = $userSavedFilterService->listForAddressBook($userId);
|
||||
$sessionStore->set('address_book_saved_filters', $userSavedFilterService->listForAddressBook($userId));
|
||||
Flash::success(t('Filter saved'), 'address-book', 'address_book_saved_filter_saved');
|
||||
Router::redirect($redirect);
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADDRESS_BOOK_VIEW);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
if ($uuid === '') {
|
||||
Router::redirect('address-book');
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Service\Audit\ApiAuditService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_API_AUDIT_VIEW);
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($_SESSION['user']['id'] ?? 0),
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
UiCapabilityMap::PAGE_AUDIT_PURGE
|
||||
);
|
||||
|
||||
|
||||
@@ -1,18 +1,20 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\DepartmentAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
$tenantService = app(\MintyPHP\Service\Tenant\TenantService::class);
|
||||
$directoryScopeGateway = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class);
|
||||
$departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(DepartmentAuthorizationPolicy::ABILITY_ADMIN_DEPARTMENTS_CREATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,12 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\DepartmentAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
gridRequireGetRequest();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = Guard::requireAbilityDecisionOrForbidden(DepartmentAuthorizationPolicy::ABILITY_ADMIN_DEPARTMENTS_VIEW);
|
||||
$capabilities = $decision->attribute('capabilities', []);
|
||||
$tenantIds = is_array($capabilities) ? array_values(array_unique(array_map('intval', (array) ($capabilities['allowed_tenant_ids'] ?? [])))) : [];
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\DepartmentAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
|
||||
@@ -14,7 +16,7 @@ if ($uuid === '') {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$department = app(\MintyPHP\Service\Org\DepartmentService::class)->findByUuid($uuid);
|
||||
if (!$department) {
|
||||
Flash::error('Department not found', 'admin/departments', 'department_not_found');
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\DepartmentAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($currentUserId > 0) {
|
||||
app(\MintyPHP\Service\Access\PermissionGateway::class)->getUserPermissions($currentUserId);
|
||||
}
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\DepartmentAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(DepartmentAuthorizationPolicy::ABILITY_ADMIN_DEPARTMENTS_VIEW, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
@@ -42,7 +44,7 @@ usort($tenants, static function ($a, $b) {
|
||||
Buffer::set('title', t('Departments'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
Buffer::set(
|
||||
'grid_csrf',
|
||||
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Service\Audit\ImportAuditService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_IMPORTS_AUDIT_VIEW);
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($_SESSION['user']['id'] ?? 0),
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
UiCapabilityMap::PAGE_AUDIT_PURGE
|
||||
);
|
||||
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Import\ImportService;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_IMPORTS_VIEW);
|
||||
|
||||
$request = requestInput();
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$importService = app(ImportService::class);
|
||||
|
||||
$profileOptions = [];
|
||||
@@ -46,7 +48,7 @@ $preview = null;
|
||||
$result = null;
|
||||
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
|
||||
$hasImportPermission = static function (string $type) use ($currentUserId, $importService): bool {
|
||||
$permission = $importService->requiredPermissionForType($type);
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
Guard::requireLogin();
|
||||
@@ -16,7 +18,7 @@ if (!$profile) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$ability = match ($type) {
|
||||
'users' => \MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_IMPORTS_TYPE_USERS,
|
||||
'departments' => \MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_IMPORTS_TYPE_DEPARTMENTS,
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$user = $_SESSION['user'] ?? null;
|
||||
$user = $session['user'] ?? null;
|
||||
$first_name = $user['first_name'] ?? '';
|
||||
|
||||
Buffer::set('title', t('Admin'));
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_MAIL_LOG_VIEW);
|
||||
$filterSchema = require __DIR__ . '/filter-schema.php';
|
||||
@@ -41,7 +43,7 @@ $searchConfig = $listFilterContext['searchConfig'];
|
||||
Buffer::set('title', t('Mail logs'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
Buffer::set(
|
||||
'grid_csrf',
|
||||
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\PermissionAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(PermissionAuthorizationPolicy::ABILITY_ADMIN_PERMISSIONS_CREATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\PermissionAuthorizationPolicy;
|
||||
use MintyPHP\Service\Access\PermissionGateway;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(PermissionAuthorizationPolicy::ABILITY_ADMIN_PERMISSIONS_DELETE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Repository\Access\RoleRepository;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\PermissionAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
|
||||
$id = (int) ($id ?? 0);
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\PermissionAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(PermissionAuthorizationPolicy::ABILITY_ADMIN_PERMISSIONS_VIEW, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
@@ -49,7 +51,7 @@ $searchConfig = $listFilterContext['searchConfig'];
|
||||
Buffer::set('title', t('Permissions'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
Buffer::set(
|
||||
'grid_csrf',
|
||||
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\RoleAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(RoleAuthorizationPolicy::ABILITY_ADMIN_ROLES_CREATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\RoleAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(RoleAuthorizationPolicy::ABILITY_ADMIN_ROLES_DELETE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\RoleAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$permissionRepository = app(\MintyPHP\Repository\Access\PermissionRepository::class);
|
||||
$rolePermissionRepository = app(\MintyPHP\Repository\Access\RolePermissionRepository::class);
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\RoleAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(RoleAuthorizationPolicy::ABILITY_ADMIN_ROLES_VIEW, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
@@ -49,7 +51,7 @@ $searchConfig = $listFilterContext['searchConfig'];
|
||||
Buffer::set('title', t('Roles'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
Buffer::set(
|
||||
'grid_csrf',
|
||||
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_JOBS_VIEW);
|
||||
|
||||
@@ -18,7 +20,7 @@ if (!$job) {
|
||||
Router::redirect('admin/scheduled-jobs');
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$canManage = $authorizationService->authorize(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_JOBS_MANAGE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_JOBS_VIEW);
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($_SESSION['user']['id'] ?? 0),
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
UiCapabilityMap::PAGE_AUDIT_PURGE
|
||||
);
|
||||
$filterSchema = require __DIR__ . '/filter-schema.php';
|
||||
|
||||
@@ -2,11 +2,13 @@
|
||||
|
||||
use MintyPHP\Domain\Taxonomy\ScheduledJobRunStatus;
|
||||
use MintyPHP\Domain\Taxonomy\SchedulerRuntimeResult;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_JOBS_RUN_NOW);
|
||||
|
||||
@@ -21,7 +23,7 @@ if (!Session::checkCsrfToken()) {
|
||||
Router::redirect("admin/scheduled-jobs/edit/$jobId");
|
||||
}
|
||||
|
||||
$result = app(\MintyPHP\Service\Scheduler\SchedulerRunService::class)->runJobNow($jobId, (int) ($_SESSION['user']['id'] ?? 0));
|
||||
$result = app(\MintyPHP\Service\Scheduler\SchedulerRunService::class)->runJobNow($jobId, (int) ($session['user']['id'] ?? 0));
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = (string) ($result['error'] ?? '');
|
||||
if ($error === SchedulerRuntimeResult::LockNotAcquired->value) {
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Search\SearchDataService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
gridRequireGetRequest();
|
||||
|
||||
@@ -14,7 +16,7 @@ if ($filters['q'] === '') {
|
||||
Router::json([]);
|
||||
}
|
||||
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
$locale = I18n::$locale ?? (I18n::$defaultLocale ?? 'de');
|
||||
$result = app(SearchDataService::class)->buildPreviewData($userId, $filters['q'], $locale, 5);
|
||||
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_TOKENS_REVOKE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_BRANDING_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_BRANDING_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Service\Settings\AdminSettingsService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$viewDecision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_VIEW, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_BRANDING_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_BRANDING_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_TOKENS_REVOKE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_USER_LIFECYCLE_RUN, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,17 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireAbilityOrForbidden(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_STATS_VIEW);
|
||||
|
||||
$viewData = app(\MintyPHP\Service\Stats\AdminStatsViewDataService::class)->build();
|
||||
if ($viewData) {
|
||||
extract($viewData, EXTR_SKIP);
|
||||
}
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities($currentUserId, UiCapabilityMap::PAGE_STATS_INDEX);
|
||||
|
||||
Buffer::set('title', t('Statistics'));
|
||||
|
||||
@@ -1,17 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\OperationsAuthorizationPolicy;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Service\Audit\SystemAuditService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(OperationsAuthorizationPolicy::ABILITY_ADMIN_SYSTEM_AUDIT_VIEW);
|
||||
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($_SESSION['user']['id'] ?? 0),
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
UiCapabilityMap::PAGE_SYSTEM_AUDIT
|
||||
);
|
||||
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
@@ -25,7 +27,7 @@ if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
@@ -25,7 +27,7 @@ if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
Guard::requireLogin();
|
||||
@@ -18,7 +20,7 @@ if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($tenantId <= 0) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
|
||||
@@ -1,15 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CREATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\CustomField\TenantCustomFieldService;
|
||||
@@ -7,6 +8,7 @@ use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
@@ -21,7 +23,7 @@ if (!$tenant) {
|
||||
}
|
||||
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\CustomField\TenantCustomFieldService;
|
||||
@@ -7,6 +8,7 @@ use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantCustomFieldService = app(TenantCustomFieldService::class);
|
||||
@@ -21,7 +23,7 @@ if ($tenantId <= 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\CustomField\TenantCustomFieldService;
|
||||
@@ -7,6 +8,7 @@ use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
@@ -20,7 +22,7 @@ if ($tenantId <= 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_CUSTOM_FIELDS_MANAGE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
|
||||
@@ -21,7 +23,7 @@ if (!$tenant) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_DELETE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,16 +1,18 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\CustomField\TenantCustomFieldService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($currentUserId > 0) {
|
||||
app(\MintyPHP\Service\Access\PermissionGateway::class)->getUserPermissions($currentUserId);
|
||||
}
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantFaviconService = app(\MintyPHP\Service\Tenant\TenantFaviconService::class);
|
||||
@@ -25,7 +27,7 @@ if (!$tenantFaviconService->isValidUuid($uuid)) {
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantFaviconService = app(\MintyPHP\Service\Tenant\TenantFaviconService::class);
|
||||
@@ -25,7 +27,7 @@ if (!$tenantFaviconService->isValidUuid($uuid)) {
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_MEDIA_UPDATE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_VIEW, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
@@ -46,7 +48,7 @@ $searchConfig = $listFilterContext['searchConfig'];
|
||||
Buffer::set('title', t('Tenants'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
Buffer::set(
|
||||
'grid_csrf',
|
||||
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
||||
|
||||
@@ -4,15 +4,17 @@ use MintyPHP\Buffer;
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleAction;
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleStatus;
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleTriggerType;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Service\Audit\UserLifecycleAuditService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_USER_LIFECYCLE_AUDIT_VIEW);
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($_SESSION['user']['id'] ?? 0),
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
UiCapabilityMap::PAGE_AUDIT_PURGE
|
||||
);
|
||||
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_USERS_LIFECYCLE_RESTORE);
|
||||
|
||||
@@ -22,7 +24,7 @@ if (!Session::checkCsrfToken()) {
|
||||
|
||||
$result = app(\MintyPHP\Service\User\UserLifecycleRestoreService::class)->restoreFromLifecycleAudit(
|
||||
$auditId,
|
||||
(int) ($_SESSION['user']['id'] ?? 0)
|
||||
(int) ($session['user']['id'] ?? 0)
|
||||
);
|
||||
|
||||
if (!($result['ok'] ?? false)) {
|
||||
|
||||
@@ -2,12 +2,14 @@
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Domain\Taxonomy\UserLifecycleAction;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbility(\MintyPHP\Service\Access\OperationsAuthorizationPolicy::ABILITY_ADMIN_USER_LIFECYCLE_AUDIT_VIEW);
|
||||
|
||||
@@ -24,7 +26,7 @@ if ((string) ($auditLog['action'] ?? '') === UserLifecycleAction::Delete->value)
|
||||
$snapshot = $auditService->decryptSnapshot($auditLog);
|
||||
}
|
||||
$viewAuth['page'] = app(UiAccessService::class)->pageCapabilities(
|
||||
(int) ($_SESSION['user']['id'] ?? 0),
|
||||
(int) ($session['user']['id'] ?? 0),
|
||||
UiCapabilityMap::PAGE_USER_LIFECYCLE_VIEW
|
||||
);
|
||||
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Service\User\UserAccessPdfService;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
// Hard gate: user must be logged in and explicitly allowed to generate access PDFs.
|
||||
@@ -38,7 +40,7 @@ if (!$user) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACCESS_PDF, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -1,17 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Service\User\UserAccessPdfService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
// Hard gate: user must be logged in and explicitly allowed to generate access PDFs.
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACCESS_PDF_BULK, [
|
||||
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
|
||||
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
|
||||
]);
|
||||
if (!$decision->isAllowed()) {
|
||||
Router::redirect('error/forbidden');
|
||||
@@ -49,7 +51,7 @@ if (count($uuids) > 100) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$users = [];
|
||||
foreach ($uuids as $uuid) {
|
||||
$user = $userAccountService->findByUuid($uuid);
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -29,7 +31,7 @@ if (!Session::checkCsrfToken()) {
|
||||
}
|
||||
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACTIVATE, [
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -17,7 +21,7 @@ if (!$user) {
|
||||
}
|
||||
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_API_TOKENS_MANAGE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_user_id' => $userId,
|
||||
@@ -37,7 +41,7 @@ if ($name === '') {
|
||||
$result = $apiTokenService->create($userId, $name, null, null, $currentUserId);
|
||||
|
||||
if ($result['ok'] ?? false) {
|
||||
$_SESSION['api_token_created'] = ['token' => $result['token'], 'uuid' => $uuid];
|
||||
$sessionStore->set('api_token_created', ['token' => $result['token'], 'uuid' => $uuid]);
|
||||
Flash::success(t('API token created. Copy it now — it will not be shown again.'), "admin/users/edit/{$uuid}", 'api_token_created');
|
||||
} else {
|
||||
$error = $result['error'] ?? 'create_failed';
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -17,7 +19,7 @@ if (!$user) {
|
||||
}
|
||||
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_API_TOKENS_MANAGE, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_user_id' => $userId,
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -24,7 +26,7 @@ if (!$userAvatarService->isValidUuid($uuid)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_UPLOAD, [
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -24,7 +26,7 @@ if (!$userAvatarService->isValidUuid($uuid)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_DELETE, [
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
Guard::requireLogin();
|
||||
@@ -17,7 +19,7 @@ if (!$userAvatarService->isValidUuid($uuid)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_VIEW, [
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Service\User\UserAccessTemplateService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$action = strtolower(trim((string) ($action ?? '')));
|
||||
@@ -25,7 +27,7 @@ if (!$uuids) {
|
||||
Router::json(['ok' => false, 'error' => 'no_selection']);
|
||||
}
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_BULK, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
@@ -11,11 +12,12 @@ use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_CREATE, [
|
||||
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
|
||||
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
|
||||
]);
|
||||
if (!$decision->isAllowed()) {
|
||||
if (Request::wantsJson()) {
|
||||
@@ -38,7 +40,7 @@ $tenantService = app(\MintyPHP\Service\Tenant\TenantService::class);
|
||||
$roleService = app(\MintyPHP\Service\Access\RoleService::class);
|
||||
$departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$uiAccessService = app(UiAccessService::class);
|
||||
$viewAuth['page'] = $uiAccessService->pageCapabilities($currentUserId, UiCapabilityMap::PAGE_USERS_CREATE);
|
||||
$pageAuth = is_array($viewAuth['page'] ?? null) ? $viewAuth['page'] : [];
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
Guard::requireAbilityOrForbidden(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW);
|
||||
|
||||
@@ -11,7 +13,7 @@ gridRequireGetRequest();
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
$userAvatarService = app(\MintyPHP\Service\User\UserAvatarService::class);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
|
||||
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');
|
||||
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -15,7 +17,7 @@ if ((requestInput()->method()) !== 'POST') {
|
||||
}
|
||||
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$errorBag = formErrors();
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -16,7 +18,7 @@ if ((requestInput()->method()) !== 'POST') {
|
||||
}
|
||||
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$errorBag = formErrors();
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Repository\Auth\PasswordResetRepository;
|
||||
use MintyPHP\Repository\Auth\RememberTokenRepository;
|
||||
@@ -10,6 +11,9 @@ use MintyPHP\Service\CustomField\UserCustomFieldValueService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
Guard::requireLogin();
|
||||
$request = requestInput();
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -31,7 +35,7 @@ $departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
|
||||
$passwordMinLength = $userPasswordPolicyService->minLength();
|
||||
$passwordHints = $userPasswordPolicyService->hints();
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
|
||||
if (!$user) {
|
||||
@@ -269,10 +273,18 @@ if ($request->hasBody('email')) {
|
||||
if ($currentUserId === $userId && isset($form['theme'])) {
|
||||
$themes = appThemes();
|
||||
$themeValue = strtolower(trim((string) ($form['theme'] ?? '')));
|
||||
$_SESSION['user']['theme'] = isset($themes[$themeValue]) ? $themeValue : appDefaultTheme();
|
||||
$userSession = $sessionStore->get('user', []);
|
||||
if (is_array($userSession)) {
|
||||
$userSession['theme'] = isset($themes[$themeValue]) ? $themeValue : appDefaultTheme();
|
||||
$sessionStore->set('user', $userSession);
|
||||
}
|
||||
}
|
||||
if ($currentUserId === $userId && isset($form['locale'])) {
|
||||
$_SESSION['user']['locale'] = $form['locale'];
|
||||
$userSession = $sessionStore->get('user', []);
|
||||
if (is_array($userSession)) {
|
||||
$userSession['locale'] = $form['locale'];
|
||||
$sessionStore->set('user', $userSession);
|
||||
}
|
||||
I18n::$locale = $form['locale'];
|
||||
}
|
||||
if (!$errorBag->hasAny()) {
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW, [
|
||||
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
|
||||
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
|
||||
]);
|
||||
if (!$decision->isAllowed()) {
|
||||
if (Request::wantsJson()) {
|
||||
@@ -21,7 +23,7 @@ if (!$decision->isAllowed()) {
|
||||
}
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
|
||||
$search = trim((string) (requestInput()->queryAll()['search'] ?? ''));
|
||||
$order = (string) (requestInput()->queryAll()['order'] ?? 'id');
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -18,7 +20,7 @@ if (!$user) {
|
||||
}
|
||||
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_FORGET_TOKENS, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_user_id' => $userId,
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UiAccessService;
|
||||
use MintyPHP\Service\Access\UiCapabilityMap;
|
||||
@@ -9,10 +10,11 @@ use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW, [
|
||||
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
|
||||
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
|
||||
]);
|
||||
if (!$decision->isAllowed()) {
|
||||
if (Request::wantsJson()) {
|
||||
@@ -38,7 +40,7 @@ $filterState = gridParseFilters($query, [
|
||||
'search' => ['type' => 'string'],
|
||||
]);
|
||||
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$allowedTenantIds = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class)->getUserTenantIds($currentUserId);
|
||||
$uiAccessService = app(UiAccessService::class);
|
||||
$selfEditDecision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_EDIT_CONTEXT, [
|
||||
@@ -56,7 +58,7 @@ $viewAuth['page'] = [
|
||||
Buffer::set('title', t('Users'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
Buffer::set(
|
||||
'grid_csrf',
|
||||
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\UserAuthorizationPolicy;
|
||||
use MintyPHP\Service\User\UserAccessTemplateService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
@@ -20,7 +22,7 @@ if (!$user) {
|
||||
}
|
||||
|
||||
$userId = (int) ($user['id'] ?? 0);
|
||||
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_SEND_ACCESS, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_user_id' => $userId,
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
Guard::requireLogin();
|
||||
$userTenantContextService = app(\MintyPHP\Service\User\UserTenantContextService::class);
|
||||
$errorBag = formErrors();
|
||||
@@ -26,7 +30,7 @@ if (!Session::checkCsrfToken()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($userId <= 0) {
|
||||
http_response_code(401);
|
||||
if (Request::wantsJson()) {
|
||||
@@ -67,16 +71,18 @@ if (!($result['ok'] ?? false)) {
|
||||
}
|
||||
|
||||
// Update session with new current tenant
|
||||
if (isset($_SESSION['user'])) {
|
||||
$_SESSION['user']['current_tenant_id'] = $tenantId;
|
||||
if (isset($session['user']) && is_array($session['user'])) {
|
||||
$userSession = $session['user'];
|
||||
$userSession['current_tenant_id'] = $tenantId;
|
||||
$sessionStore->set('user', $userSession);
|
||||
}
|
||||
|
||||
// Update session with full tenant data
|
||||
$_SESSION['current_tenant'] = $result['tenant'] ?? null;
|
||||
$sessionStore->set('current_tenant', $result['tenant'] ?? null);
|
||||
|
||||
// Reload available tenants and departments
|
||||
$_SESSION['available_tenants'] = $userTenantContextService->getAvailableTenants($userId);
|
||||
$_SESSION['available_departments_by_tenant'] = $userTenantContextService->getAvailableDepartmentsByTenant($userId);
|
||||
$sessionStore->set('available_tenants', $userTenantContextService->getAvailableTenants($userId));
|
||||
$sessionStore->set('available_departments_by_tenant', $userTenantContextService->getAvailableDepartmentsByTenant($userId));
|
||||
|
||||
if (Request::wantsJson()) {
|
||||
Router::json([
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
Guard::requireLogin();
|
||||
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
|
||||
$errorBag = formErrors();
|
||||
@@ -24,7 +28,7 @@ if (!Session::checkCsrfToken()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($userId <= 0) {
|
||||
http_response_code(401);
|
||||
if (Request::wantsJson()) {
|
||||
@@ -70,7 +74,11 @@ if (!$updated) {
|
||||
return;
|
||||
}
|
||||
|
||||
$_SESSION['user']['theme'] = $theme;
|
||||
$userSession = $sessionStore->get('user', []);
|
||||
if (is_array($userSession)) {
|
||||
$userSession['theme'] = $theme;
|
||||
$sessionStore->set('user', $userSession);
|
||||
}
|
||||
|
||||
if (Request::wantsJson()) {
|
||||
Router::json(['ok' => true, 'theme' => $theme]);
|
||||
|
||||
@@ -2,11 +2,14 @@
|
||||
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Http\RequestRuntimeInterface;
|
||||
use MintyPHP\Service\Auth\ApiTokenEndpointService;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Security\SecurityServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
|
||||
$requestRuntime = app(RequestRuntimeInterface::class);
|
||||
|
||||
ApiBootstrap::init(false);
|
||||
ApiResponse::requireMethod('POST');
|
||||
|
||||
@@ -16,7 +19,7 @@ $apiTokenEndpointService = app(ApiTokenEndpointService::class);
|
||||
|
||||
// ---- Login-specific rate limits (stricter than the general API rate limit in ApiBootstrap) ----
|
||||
$rateLimiter = (app(SecurityServicesFactory::class))->createRateLimiterService();
|
||||
$ip = $_SERVER['REMOTE_ADDR'] ?? '';
|
||||
$ip = $requestRuntime->ip();
|
||||
|
||||
$ipResult = $rateLimiter->isBlocked('api.auth.login.ip', $ip);
|
||||
if (!($ipResult['allowed'] ?? true)) {
|
||||
|
||||
@@ -1,11 +1,14 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
@@ -19,7 +22,7 @@ if ($request->isMethod('POST')) {
|
||||
$errorBag->addGlobal(t('Please enter a valid email address'));
|
||||
} else {
|
||||
$passwordResetService->requestReset($email);
|
||||
$_SESSION['password_reset_email'] = $email;
|
||||
$sessionStore->set('password_reset_email', $email);
|
||||
Flash::success(
|
||||
t('If the email exists, a verification code has been sent.'),
|
||||
'password/verify',
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\RequestRuntimeInterface;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\Security\SecurityServicesFactory;
|
||||
@@ -8,7 +10,11 @@ use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
if (!empty($_SESSION['user']['id'])) {
|
||||
$requestRuntime = app(RequestRuntimeInterface::class);
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
if (!empty($session['user']['id'])) {
|
||||
if (Flash::has()) {
|
||||
Flash::keep();
|
||||
}
|
||||
@@ -146,7 +152,7 @@ if (requestInput()->method() === 'POST') {
|
||||
} else {
|
||||
$postedStage = trim((string) (requestInput()->bodyAll()['stage'] ?? 'resolve_email'));
|
||||
$email = trim((string) (requestInput()->bodyAll()['email'] ?? ''));
|
||||
$clientIp = trim((string) ($_SERVER['REMOTE_ADDR'] ?? ''));
|
||||
$clientIp = trim((string) ($requestRuntime->ip()));
|
||||
if ($clientIp === '') {
|
||||
$clientIp = 'unknown';
|
||||
}
|
||||
@@ -253,7 +259,7 @@ if (requestInput()->method() === 'POST') {
|
||||
$result = $authService->login($email, $password);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
if (!empty($result['needs_verification'])) {
|
||||
$_SESSION['email_verification_email'] = $result['email'] ?? $email;
|
||||
$sessionStore->set('email_verification_email', $result['email'] ?? $email);
|
||||
Flash::error(t('Please verify your email first'), 'verify-email', 'login_not_verified');
|
||||
Router::redirect('verify-email');
|
||||
return;
|
||||
@@ -270,7 +276,8 @@ if (requestInput()->method() === 'POST') {
|
||||
$setRateLimitWarning((int) ($passwordFailureResult['retry_after'] ?? $loginPasswordBlock));
|
||||
}
|
||||
} else {
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$authenticatedUser = $sessionStore->get('user', []);
|
||||
$userId = (int) (is_array($authenticatedUser) ? ($authenticatedUser['id'] ?? 0) : 0);
|
||||
if ($userId <= 0 || !$authService->canLoginToTenant($userId, $selectedTenantId)) {
|
||||
$authService->logout();
|
||||
$setLoginWarning(t('No access to this tenant'));
|
||||
|
||||
@@ -1,10 +1,13 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
|
||||
$request = requestInput();
|
||||
$error = false;
|
||||
if (!allowRegistration()) {
|
||||
@@ -32,7 +35,7 @@ if ($request->hasBody('email')) {
|
||||
$error = $result['error'] ?? t('User can not be registered');
|
||||
} else {
|
||||
// Store email in session for verify-email page
|
||||
$_SESSION['email_verification_email'] = $result['email'] ?? $email;
|
||||
$sessionStore->set('email_verification_email', $result['email'] ?? $email);
|
||||
Flash::success(t('Registration successful! Please check your email for the verification code.'), 'verify-email', 'registration_success');
|
||||
Router::redirect('verify-email');
|
||||
}
|
||||
|
||||
@@ -1,12 +1,16 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
@@ -14,7 +18,7 @@ $password = (string) $request->body('password', '');
|
||||
$password2 = (string) $request->body('password2', '');
|
||||
$passwordResetService = (app(AuthServicesFactory::class))->createPasswordResetService();
|
||||
|
||||
$resetId = (int) ($_SESSION['password_reset_id'] ?? 0);
|
||||
$resetId = (int) ($session['password_reset_id'] ?? 0);
|
||||
if ($resetId <= 0) {
|
||||
Router::redirect('password/forgot');
|
||||
}
|
||||
@@ -25,8 +29,8 @@ if ($request->isMethod('POST')) {
|
||||
} else {
|
||||
$result = $passwordResetService->resetPassword($resetId, $password, $password2);
|
||||
if ($result['ok'] ?? false) {
|
||||
unset($_SESSION['password_reset_id']);
|
||||
unset($_SESSION['password_reset_email']);
|
||||
$sessionStore->remove('password_reset_id');
|
||||
$sessionStore->remove('password_reset_email');
|
||||
Flash::success(t('Password updated'), 'login', 'password_updated');
|
||||
Router::redirect('login');
|
||||
} else {
|
||||
|
||||
@@ -1,15 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
$email = trim((string) $request->body('email', $_SESSION['password_reset_email'] ?? ''));
|
||||
$email = trim((string) $request->body('email', $session['password_reset_email'] ?? ''));
|
||||
$code = trim((string) $request->body('code', ''));
|
||||
$passwordResetService = (app(AuthServicesFactory::class))->createPasswordResetService();
|
||||
|
||||
@@ -23,8 +27,8 @@ if ($request->isMethod('POST')) {
|
||||
} else {
|
||||
$result = $passwordResetService->verifyCode($email, $code);
|
||||
if ($result['ok'] ?? false) {
|
||||
$_SESSION['password_reset_id'] = (int) $result['reset_id'];
|
||||
unset($_SESSION['password_reset_email']);
|
||||
$sessionStore->set('password_reset_id', (int) $result['reset_id']);
|
||||
$sessionStore->remove('password_reset_email');
|
||||
Flash::success(t('Code verified'), 'password/reset', 'reset_verified');
|
||||
Router::redirect('password/reset');
|
||||
} else {
|
||||
|
||||
@@ -1,15 +1,19 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Auth\AuthServicesFactory;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$errorBag = formErrors();
|
||||
$errors = [];
|
||||
$email = trim((string) $request->body('email', $_SESSION['email_verification_email'] ?? ''));
|
||||
$email = trim((string) $request->body('email', $session['email_verification_email'] ?? ''));
|
||||
$code = trim((string) $request->body('code', ''));
|
||||
$emailVerificationService = (app(AuthServicesFactory::class))->createEmailVerificationService();
|
||||
|
||||
@@ -42,7 +46,7 @@ if ($request->isMethod('POST')) {
|
||||
} else {
|
||||
$result = $emailVerificationService->verifyCode($email, $code);
|
||||
if ($result['ok'] ?? false) {
|
||||
unset($_SESSION['email_verification_email']);
|
||||
$sessionStore->remove('email_verification_email');
|
||||
|
||||
Flash::success(t('Email verified successfully! Please login.'), 'login', 'email_verified');
|
||||
Router::redirect('login');
|
||||
|
||||
@@ -1,8 +1,10 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
|
||||
if (isset($_SESSION['user'])) {
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
if (isset($session['user'])) {
|
||||
Router::redirect('admin');
|
||||
} else {
|
||||
Router::redirect('login');
|
||||
|
||||
@@ -1,11 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\User\UserServicesFactory;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$request = requestInput();
|
||||
$rawLocale = (string) $request->body(
|
||||
'locale',
|
||||
@@ -23,11 +27,15 @@ if ($locale === '' || !in_array($locale, $locales, true)) {
|
||||
}
|
||||
|
||||
I18n::$locale = $locale;
|
||||
if (isset($_SESSION['user']['id'])) {
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
if (isset($session['user']['id'])) {
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
if ($userId) {
|
||||
(app(UserServicesFactory::class))->createUserAccountService()->setLocale($userId, $locale);
|
||||
$_SESSION['user']['locale'] = $locale;
|
||||
$userSession = $sessionStore->get('user', []);
|
||||
if (is_array($userSession)) {
|
||||
$userSession['locale'] = $locale;
|
||||
$sessionStore->set('user', $userSession);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
setcookie('locale', $locale, time() + 31536000, '/', '', false, true);
|
||||
|
||||
@@ -1,13 +1,17 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Content\PageService;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$user = $_SESSION['user'] ?? [];
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$user = $session['user'] ?? [];
|
||||
$currentUserId = (int) ($user['id'] ?? 0);
|
||||
if ($currentUserId <= 0) {
|
||||
Flash::error(t('Login required'), Request::safeReturnTarget((string) (requestInput()->bodyAll()['return'] ?? '')), 'login_required');
|
||||
@@ -37,6 +41,12 @@ if (!($result['ok'] ?? false)) {
|
||||
Router::redirect($return);
|
||||
}
|
||||
|
||||
$_SESSION['page_edit_mode'][$slug] = 1;
|
||||
$pageEditMode = $sessionStore->get('page_edit_mode', []);
|
||||
if (!is_array($pageEditMode)) {
|
||||
$pageEditMode = [];
|
||||
}
|
||||
$pageEditMode[$slug] = 1;
|
||||
$sessionStore->set('page_edit_mode', $pageEditMode);
|
||||
|
||||
Flash::success(t('Content copied'), $return, 'page_copy_ok');
|
||||
Router::redirect($return);
|
||||
|
||||
@@ -2,12 +2,16 @@
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\Request;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Content\PageService;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Flash;
|
||||
|
||||
$sessionStore = app(SessionStoreInterface::class);
|
||||
$session = $sessionStore->all();
|
||||
|
||||
$slug = trim((string) ($slug ?? ''));
|
||||
if ($slug === '') {
|
||||
Router::redirect('');
|
||||
@@ -22,7 +26,7 @@ if ($notFound) {
|
||||
Buffer::set('title', t('Page not found'));
|
||||
}
|
||||
|
||||
$user = $_SESSION['user'] ?? [];
|
||||
$user = $session['user'] ?? [];
|
||||
$currentUserId = (int) ($user['id'] ?? 0);
|
||||
$canEdit = $currentUserId > 0;
|
||||
$returnPath = Request::path();
|
||||
@@ -35,11 +39,22 @@ if ($requestedReturn !== '') {
|
||||
}
|
||||
$formAction = '/' . ltrim($returnPath, '/');
|
||||
$wantsJson = Request::wantsJson();
|
||||
$markEditMode = static function (string $pageSlug) use ($sessionStore): void {
|
||||
$pageEditMode = $sessionStore->get('page_edit_mode', []);
|
||||
if (!is_array($pageEditMode)) {
|
||||
$pageEditMode = [];
|
||||
}
|
||||
|
||||
$pageEditMode[$pageSlug] = 1;
|
||||
$sessionStore->set('page_edit_mode', $pageEditMode);
|
||||
};
|
||||
|
||||
$sessionEdit = false;
|
||||
if (!empty($_SESSION['page_edit_mode']) && is_array($_SESSION['page_edit_mode'])) {
|
||||
$sessionEdit = !empty($_SESSION['page_edit_mode'][$slug]);
|
||||
unset($_SESSION['page_edit_mode'][$slug]);
|
||||
if (!empty($session['page_edit_mode']) && is_array($session['page_edit_mode'])) {
|
||||
$sessionEdit = !empty($session['page_edit_mode'][$slug]);
|
||||
$pageEditMode = $session['page_edit_mode'];
|
||||
unset($pageEditMode[$slug]);
|
||||
$sessionStore->set('page_edit_mode', $pageEditMode);
|
||||
}
|
||||
|
||||
if (requestInput()->method() === 'POST') {
|
||||
@@ -68,19 +83,19 @@ if (requestInput()->method() === 'POST') {
|
||||
$firstError = (string) ($errors[0] ?? t('Page can not be updated'));
|
||||
Flash::error($firstError, $returnPath, 'page_update_failed');
|
||||
if ($wantsJson) {
|
||||
$_SESSION['page_edit_mode'][$slug] = 1;
|
||||
$markEditMode($slug);
|
||||
Router::json(['ok' => false, 'error' => 'invalid', 'redirect' => $returnPath]);
|
||||
}
|
||||
$_SESSION['page_edit_mode'][$slug] = 1;
|
||||
$markEditMode($slug);
|
||||
Router::redirect($returnPath);
|
||||
}
|
||||
|
||||
Flash::success(t('Page updated'), $returnPath, 'page_updated');
|
||||
if ($wantsJson) {
|
||||
$_SESSION['page_edit_mode'][$slug] = 1;
|
||||
$markEditMode($slug);
|
||||
Router::json(['ok' => true, 'redirect' => $returnPath]);
|
||||
}
|
||||
$_SESSION['page_edit_mode'][$slug] = 1;
|
||||
$markEditMode($slug);
|
||||
Router::redirect($returnPath);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,13 +1,15 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\I18n;
|
||||
use MintyPHP\Service\Search\SearchDataService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
gridRequireGetRequest();
|
||||
|
||||
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
||||
$userId = (int) ($session['user']['id'] ?? 0);
|
||||
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');
|
||||
|
||||
if ($filters['search'] === '') {
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
<?php
|
||||
|
||||
use MintyPHP\Buffer;
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Session;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
|
||||
$filterSchema = require __DIR__ . '/filter-schema.php';
|
||||
@@ -24,7 +26,7 @@ $clientFilterSchema = $listFilterContext['clientFilterSchema'];
|
||||
$searchConfig = $listFilterContext['searchConfig'];
|
||||
|
||||
$csrfKey = Session::$csrfSessionKey;
|
||||
$csrfToken = $_SESSION[$csrfKey] ?? '';
|
||||
$csrfToken = $session[$csrfKey] ?? '';
|
||||
|
||||
Buffer::set('title', t('Search results'));
|
||||
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
|
||||
|
||||
Reference in New Issue
Block a user