goodspeed/Cloudlog
1
0
派生 0
代码 工单 合并请求 项目 版本发布 软件包 百科 动态 Actions

Further authentication changes.

浏览代码
这个提交包含在:
Andy Smith 2011-08-19 18:24:56 +01:00
父节点 cd3a85ac1b
当前提交 576df8be26
共有 7 个文件被更改,包括 70 次插入11 次删除
显示统计信息 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

19
application/controllers/contest.php
查看文件

@ -6,6 +6,16 @@ class Contest extends CI_Controller {
// Displays available contests // Displays available contests
public function index() public function index()
{ {
$this->load->model('user_model');
if(!$this->user_model->authorize($this->config->item('auth_mode'))) {
if($this->user_model->validate_session()) {
$this->user_model->clear_session();
show_error('Access denied<p>Click <a href="'.site_url('user/login').'">here</a> to log in as another user', 403);
} else {
redirect('user/login');
}
}
// Load database items // Load database items
$this->load->model('contests'); $this->load->model('contests');
$data['contests'] = $this->contests->list_contests(); $data['contests'] = $this->contests->list_contests();
@ -20,6 +30,15 @@ class Contest extends CI_Controller {
Displays contest logging view based on the ID provided, allowing users to log in contest mode giving them serial numbers and scoring information. Displays contest logging view based on the ID provided, allowing users to log in contest mode giving them serial numbers and scoring information.
*/ */
public function view($id) { public function view($id) {
$this->load->model('user_model');
if(!$this->user_model->authorize($this->config->item('auth_mode'))) {
if($this->user_model->validate_session()) {
$this->user_model->clear_session();
show_error('Access denied<p>Click <a href="'.site_url('user/login').'">here</a> to log in as another user', 403);
} else {
redirect('user/login');
}
}
// Load database information // Load database information
$this->load->model('contests'); $this->load->model('contests');

10
application/controllers/dashboard.php
查看文件

@ -14,6 +14,15 @@ class Dashboard extends CI_Controller {
// Database connections // Database connections
$this->load->model('logbook_model'); $this->load->model('logbook_model');
$this->load->model('user_model');
if(!$this->user_model->authorize($this->config->item('auth_mode'))) {
if($this->user_model->validate_session()) {
$this->user_model->clear_session();
show_error('Access denied<p>Click <a href="'.site_url('user/login').'">here</a> to log in as another user', 403);
} else {
redirect('user/login');
}
}
// Store info // Store info
$data['todays_qsos'] = $this->logbook_model->todays_qsos(); $data['todays_qsos'] = $this->logbook_model->todays_qsos();
@ -39,6 +48,7 @@ class Dashboard extends CI_Controller {
function todays_map() { function todays_map() {
$this->load->model('logbook_model'); $this->load->model('logbook_model');
// TODO: Auth
$qsos = $this->logbook_model->get_todays_qsos(''); $qsos = $this->logbook_model->get_todays_qsos('');

10
application/controllers/search.php
查看文件

@ -4,6 +4,16 @@ class Search extends CI_Controller {
public function index() public function index()
{ {
$this->load->model('user_model');
if(!$this->user_model->authorize($this->config->item('auth_mode'))) {
if($this->user_model->validate_session()) {
$this->user_model->clear_session();
show_error('Access denied<p>Click <a href="'.site_url('user/login').'">here</a> to log in as another user', 403);
} else {
redirect('user/login');
}
}
$this->load->view('layout/header'); $this->load->view('layout/header');
$this->load->view('search/main'); $this->load->view('search/main');
$this->load->view('layout/footer'); $this->load->view('layout/footer');

9
application/controllers/statistics.php
查看文件

@ -5,6 +5,15 @@ class Statistics extends CI_Controller {
public function index() public function index()
{ {
$this->load->model('user_model');
if(!$this->user_model->authorize($this->config->item('auth_mode'))) {
if($this->user_model->validate_session()) {
$this->user_model->clear_session();
show_error('Access denied<p>Click <a href="'.site_url('user/login').'">here</a> to log in as another user', 403);
} else {
redirect('user/login');
}
}
// Database connections // Database connections
$this->load->model('logbook_model'); $this->load->model('logbook_model');

10
application/models/user_model.php
查看文件

@ -202,6 +202,8 @@ class User_Model extends CI_Model {
$user_hash = $this->session->userdata('user_hash'); $user_hash = $this->session->userdata('user_hash');
if($this->_auth($user_id."-".$user_type, $user_hash)) { if($this->_auth($user_id."-".$user_type, $user_hash)) {
// Freshen the session
$this->update_session($user_id);
return 1; return 1;
} else { } else {
$this->clear_session(); $this->clear_session();
@ -229,7 +231,13 @@ class User_Model extends CI_Model {
// Checks a user's level of access against the given $level // Checks a user's level of access against the given $level
function authorize($level) { function authorize($level) {
$u = $this->get_by_id($this->session->userdata('user_id')); $u = $this->get_by_id($this->session->userdata('user_id'));
if(($this->validate_session()) && ($u->row()->user_type >= $level) || $this->config->item('use_auth') == FALSE) { $l = $this->config->item('auth_mode');
// Check to see if the minimum level of access is higher than
// the user's own level. If it is, use that.
if($this->config->item('auth_mode') > $level) {
$level = $this->config->item('auth_mode');
}
if(($this->validate_session()) && ($u->row()->user_type >= $level) || $this->config->item('use_auth') == FALSE || $level == 0) {
return 1; return 1;
} else { } else {
return 0; return 0;

11
application/views/layout/header.php
查看文件

@ -130,18 +130,21 @@ margin: 10px 0;
<div id="nav"> <div id="nav">
<ul id="navlist"> <ul id="navlist">
<?php if((($this->config->item('use_auth')) && ($this->session->userdata('user_type') >= $this->config->item('auth_mode'))) || $this->config->item('use_auth') === FALSE) { ?>
<li><a href="<?php echo site_url();?> " title="Dashboard">Dashboard</a></li> <li><a href="<?php echo site_url();?> " title="Dashboard">Dashboard</a></li>
<li><a href="<?php echo site_url('logbook');?>" title="View Log">View Log</a></li> <li><a href="<?php echo site_url('logbook');?>" title="View Log">View Log</a></li>
<li><a href="<?php echo site_url('search');?>" title="Search">Search</a></li> <li><a href="<?php echo site_url('search');?>" title="Search">Search</a></li>
<?php if(!$this->config->item('use_auth') || $this->session->userdata('user_type') >= 2) { ?> <?php if(($this->config->item('use_auth') && ($this->session->userdata('user_type') >= 2)) || $this->config->item('use_auth') === FALSE) { ?>
<li><a href="<?php echo site_url('qso');?>" title="Add QSO">Add QSO</a></li> <li><a href="<?php echo site_url('qso');?>" title="Add QSO">Add QSO</a></li>
<?php } ?>
<li><a href="<?php echo site_url('contest');?>" title="Contests">Contests</a></li> <li><a href="<?php echo site_url('contest');?>" title="Contests">Contests</a></li>
<?php if(($this->config->item('use_auth') && ($this->session->userdata('user_type') >= 2)) || $this->config->item('use_auth') === FALSE){ ?>
<li><a href="<?php echo site_url('notes');?>" title="Notes">Notes</a></li> <li><a href="<?php echo site_url('notes');?>" title="Notes">Notes</a></li>
<?php } ?> <?php } ?>
<li><a href="<?php echo site_url('statistics');?>" title="Statistics">Statistics</a></li> <li><a href="<?php echo site_url('statistics');?>" title="Statistics">Statistics</a></li>
<?php if($this->config->item('use_auth') && $this->session->userdata('user_type') >= 99) { ?> <?php if(($this->config->item('use_auth') && $this->session->userdata('user_type') >= 99) || $this->config->item('use_auth') === FALSE) { ?>
<li><a href="#" id="admin">Admin</a></li> <li><a href="#" id="admin">Admin</a></li>
<?php } ?> <?php }} ?>
</ul> </ul>
<?php if($this->config->item('use_auth')) { ?> <?php if($this->config->item('use_auth')) { ?>
@ -157,7 +160,7 @@ margin: 10px 0;
</div> </div>
<div id="submenu"> <div id="submenu">
<ul id="sublist"> <ul id="sublist">
<?php if($this->config->item('use_auth') && $this->session->userdata('user_type') >= 99) { ?> <?php if(($this->config->item('use_auth') && $this->session->userdata('user_type') >= 99) || $this->config->item('use_auth') === FALSE){ ?>
<li class="ui-corner-all"><a href="<?php echo site_url('user');?>" title="Users">Users</a></li> <li class="ui-corner-all"><a href="<?php echo site_url('user');?>" title="Users">Users</a></li>
<li><a href="<?php echo site_url('setup');?>" title="Setup">Setup</a></li> <li><a href="<?php echo site_url('setup');?>" title="Setup">Setup</a></li>
<?php } ?> <?php } ?>

2
application/views/view_log/index.php
查看文件

@ -54,7 +54,7 @@
<td><?php echo $row->COL_RST_RCVD; ?></td> <td><?php echo $row->COL_RST_RCVD; ?></td>
<td><?php echo $row->COL_BAND; ?></td> <td><?php echo $row->COL_BAND; ?></td>
<td><?php echo $row->COL_COUNTRY; ?></td> <td><?php echo $row->COL_COUNTRY; ?></td>
<td><a href="<?php echo site_url('qso/edit'); ?>/<?php echo $row->COL_PRIMARY_KEY; ?>" ><img src="<?php echo base_url(); ?>/images/application_edit.png" width="16" height="16" alt="Edit" /></a></td> <td><?php if(($this->config->item('use_auth')) && ($this->session->userdata('user_type') >= 2)) { ?><a href="<?php echo site_url('qso/edit'); ?>/<?php echo $row->COL_PRIMARY_KEY; ?>" ><img src="<?php echo base_url(); ?>/images/application_edit.png" width="16" height="16" alt="Edit" /><?php } ?></a></td>
</tr> </tr>
<?php $i++; } ?> <?php $i++; } ?>