- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks - Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists - Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services - Add Microsoft OIDC SSO, API token management, and user lifecycle features - Add swagger-ui vendor integration and OpenAPI spec - Add production Docker setup and bin/ scripts - Update composer dependencies, config, templates, and frontend assets throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
35 lines
948 B
PHP
35 lines
948 B
PHP
<?php
|
|
|
|
/**
|
|
* Resolve the profile target for the current session user.
|
|
*/
|
|
function accountUrl(): string
|
|
{
|
|
$user = $_SESSION['user'] ?? [];
|
|
$uuid = (string) ($user['uuid'] ?? '');
|
|
return $uuid !== '' ? lurl('profile') : lurl('login');
|
|
}
|
|
|
|
/**
|
|
* Check if the current user has a permission key.
|
|
*/
|
|
function can(string $permissionKey): bool
|
|
{
|
|
$userId = (int) ($_SESSION['user']['id'] ?? 0);
|
|
if ($userId <= 0) {
|
|
return false;
|
|
}
|
|
if (!class_exists('MintyPHP\\Service\\Access\\PermissionService')) {
|
|
return false;
|
|
}
|
|
// First try the in-memory/session cache, then fall back to a direct fetch.
|
|
$keys = \MintyPHP\Service\Access\PermissionService::getCachedPermissions($userId);
|
|
if (!$keys) {
|
|
$keys = \MintyPHP\Service\Access\PermissionService::getUserPermissions($userId);
|
|
if (!$keys) {
|
|
return false;
|
|
}
|
|
}
|
|
return in_array($permissionKey, $keys, true);
|
|
}
|