auth
This commit is contained in:
@@ -80,21 +80,50 @@ function auth_groups(): array
|
||||
return is_array($user['groups'] ?? null) ? $user['groups'] : [];
|
||||
}
|
||||
|
||||
function parse_group_list(string $value): array
|
||||
{
|
||||
$parts = preg_split('/[,\s]+/', $value) ?: [];
|
||||
$out = [];
|
||||
foreach ($parts as $p) {
|
||||
$p = trim($p);
|
||||
if ($p !== '') {
|
||||
$out[] = $p;
|
||||
}
|
||||
}
|
||||
return $out;
|
||||
}
|
||||
|
||||
function auth_is_admin(): bool
|
||||
{
|
||||
$config = app()->config();
|
||||
$groups = auth_groups();
|
||||
return in_array($config->oidcAdminGroup, $groups, true);
|
||||
$allowed = parse_group_list($config->oidcAdminGroup);
|
||||
foreach ($allowed as $g) {
|
||||
if (in_array($g, $groups, true)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function auth_is_user(): bool
|
||||
{
|
||||
$config = app()->config();
|
||||
$groups = auth_groups();
|
||||
if (in_array($config->oidcAdminGroup, $groups, true)) {
|
||||
return true;
|
||||
$admins = parse_group_list($config->oidcAdminGroup);
|
||||
foreach ($admins as $g) {
|
||||
if (in_array($g, $groups, true)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return in_array($config->oidcUserGroup, $groups, true);
|
||||
|
||||
$users = parse_group_list($config->oidcUserGroup);
|
||||
foreach ($users as $g) {
|
||||
if (in_array($g, $groups, true)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function require_auth(): void
|
||||
|
||||
Reference in New Issue
Block a user