Added support for DRH in api_is_platform_admin() - refs BT#7089

1.9.x
Yannick Warnier 12 years ago
parent e1ca70eeb5
commit e9035f5cb2
  1. 21
      main/inc/lib/main_api.lib.php

@ -922,13 +922,15 @@ function api_protect_course_script($print_headers = false, $allow_session_admins
/**
* Function used to protect an admin script.
* The function blocks access when the user has no platform admin rights.
* This is only the first proposal, test and improve!
*
* @author Roan Embrechts
*/
function api_protect_admin_script($allow_sessions_admins = false) {
if (!api_is_platform_admin($allow_sessions_admins)) {
*
* The function blocks access when the user has no platform admin rights with an error message printed on default output
* @param bool Whether to allow session admins as well
* @param bool Whether to allow HR directors as well
* @return bool True if user is allowed, false otherwise. The function also outputs an error message in case not allowed
* @author Roan Embrechts (original author)
*/
function api_protect_admin_script($allow_sessions_admins = false, $allow_drh = false) {
if (!api_is_platform_admin($allow_sessions_admins, $allow_drh)) {
api_not_allowed(true);
return false;
}
@ -2185,16 +2187,17 @@ function api_get_self() {
/**
* Checks whether current user is a platform administrator
* @param boolean Whether session admins should be considered admins or not
* @param boolean Whether HR directors should be considered admins or not
* @return boolean True if the user has platform admin rights,
* false otherwise.
* @see usermanager::is_admin(user_id) for a user-id specific function
*/
function api_is_platform_admin($allow_sessions_admins = false) {
function api_is_platform_admin($allow_sessions_admins = false, $allow_drh = false) {
if ($_SESSION['is_platformAdmin']) {
return true;
}
global $_user;
return $allow_sessions_admins && isset($_user['status']) && $_user['status'] == SESSIONADMIN;
return isset($_user['status']) && (($allow_sessions_admins && $_user['status'] == SESSIONADMIN) || ($allow_drh && $_user['status'] == DRH));
}
/**
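Review bot: In api_is_platform_admin() the new `$allow_drh` flag makes the function return true for a user whose status is DRH, yet the docblock still promises `True if the user has platform admin rights`, so a caller that reads the result as proof of full admin rights would over-grant. I would reword the return line to `@return boolean True if the user is a platform admin, or a session admin / HR director when the matching flag is set`, and add a sentence saying that scripts gated with `$allow_drh = true` must re-check the role before any admin-only action. The same caveat belongs on api_protect_admin_script(), whose body continues outside the hunk. Separately, the status checks use `==`; if SESSIONADMIN and DRH are integer constants (their definitions are not visible here), `(int) $_user['status'] === DRH` would rule out loose-comparison matches on an authorization path.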
