AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-07 06:14:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move more things to new role perms system

Browse Source
This commit is contained in:
Marcus Hill
2024-12-20 11:23:41 +00:00
parent dacbc51f95
commit bd7a156800
2 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
check_login.php
View File

@@ -59,6 +59,8 @@ $session_user_role = intval($row['user_role']);
$session_user_role_display = sanitizeInput($row['user_role_name']);
if (isset($row['user_role_is_admin']) && $row['user_role_is_admin'] == 1) {
$session_is_admin = true;
} else {
$session_is_admin = false;
}
$session_user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_config_records_per_page = intval($row['user_config_records_per_page']);
@@ -88,12 +90,13 @@ try {
$client_access_string = implode(',', $client_access_array);
// Role / Client Access Permission Check
if ($session_user_role < 3 && !empty($client_access_string)) {
// Client access permission check
// Default allow, if a list of allowed clients is set & the user isn't an admin, restrict them
$access_permission_query = "";
if ($client_access_string && !$session_is_admin) {
$access_permission_query = "AND clients.client_id IN ($client_access_string)";
} else {
$access_permission_query = "";
}
} catch (Exception $e) {
// Handle exception
error_log('MySQL error: ' . $e->getMessage());