forked from silexlabs/amfphp-2.0
-
Notifications
You must be signed in to change notification settings - Fork 1
/
AccessManager.php
53 lines (43 loc) · 1.24 KB
/
AccessManager.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?php
/**
* This file is part of amfPHP
*
* LICENSE
*
* This source file is subject to the license that is bundled
* with this package in the file license.txt.
* @package Amfphp_Backoffice
*
*/
/**
*controls access to back office, along with SignIn, SignOut scripts
*
*
* @author Ariel Sommeria-klein
* @package Amfphp_Backoffice
*/
class Amfphp_BackOffice_AccessManager {
/**
* the field in the session where the roles array is stored
*/
const SESSION_FIELD_ROLES = 'amfphp_roles';
const AMFPHP_ADMIN_ROLE = 'amfphp_admin';
/**
* checks if access should be granted, either because no sign in is required, or because the user is actually signed in.
* note: must be called before output starts, as starting a session can change headers on some configs.
*/
public function isAccessGranted() {
$config = new Amfphp_BackOffice_Config();
if(!$config->requireSignIn){
return true;
}
if (session_id() == '') {
session_start();
}
if (!isset($_SESSION[self::SESSION_FIELD_ROLES])) {
return false;
}
return isset($_SESSION[self::SESSION_FIELD_ROLES][self::AMFPHP_ADMIN_ROLE]);
}
}
?>