
Blende Aktionen aus, wenn die Rechte nicht reichen oder wenn die Domain-API nicht verfügbar ist

Bernd Wurst authored on09/02/2018 05:16:15
Showing6 changed files
... ...
@@ -69,6 +69,16 @@ function config($key, $localonly = false)
69 69
     return NULL;
70 70
 }
71 71
 
72
+function have_role($role) {
73
+    $have = $_SESSION['role'] & $role;
74
+    if ($have) {
75
+        DEBUG("Current user has role ".$role);
76
+    } else {
77
+        DEBUG("Current user does not have role ".$role);
78
+    }
79
+    return $have;
80
+}
81
+
72 82
 function get_server_by_id($id) {
73 83
   $id = (int) $id;
74 84
   $result = db_query("SELECT hostname FROM system.servers WHERE id=?", array($id));
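Review bot: have_role() returns the raw result of `$_SESSION['role'] & $role` instead of a boolean, and nothing documents that a combined mask such as `ROLE_CUSTOMER | ROLE_SYSTEMUSER` matches as soon as one of its bits is set. The callers in this commit only use the result in boolean context, so nothing breaks today, but a later strict comparison or a caller expecting "all of these roles" would get a surprising answer on an authorization decision. I would end the function with `return (bool) $have;` and add a docblock along the lines of `/** True if the session's role bitmask shares at least one bit with $role. */`. The function also reads `$_SESSION['role']` unguarded, so the same comment should state that the session must already be initialised before the first call.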
... ...
@@ -112,17 +112,24 @@ function show_messages()
112 112
 
113 113
 function require_role($roles)
114 114
 {
115
-  if (! is_array($roles))
115
+  if (! is_array($roles)) {
116 116
     $roles = array($roles);
117
+  }
117 118
   $allow = false;
118
-  foreach ($roles as $role)
119
-    if ($role & $_SESSION['role'])
119
+  foreach ($roles as $role) {
120
+    if ($role & $_SESSION['role']) {
120 121
       $allow = true;
121
-  if (! $allow)
122
-    if ($_SESSION['role'] == ROLE_ANONYMOUS)
122
+    }
123
+  }
124
+  if (! $allow) {
125
+    if ($_SESSION['role'] == ROLE_ANONYMOUS) {
123 126
       login_screen();
124
-    else
127
+    } else {
128
+      $backtrace = debug_backtrace();
129
+      DEBUG($backtrace[0]['file'].':'.$backtrace[0]['line'].': Current user does not have any of the required roles: '.implode(",",$roles));
125 130
       login_screen("Diese Seite können Sie mit Ihren aktuellen Zugriffsrechten nicht benutzen, bitte melden Sie sich mit den benötigten Zugriffsrechten an!");
131
+    }
132
+  }
126 133
 }
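Review bot: The added `debug_backtrace()` call in the denied branch collects the whole call stack with every frame's arguments, although only the file and line of frame 0 are written to the debug log. `$backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 1);` yields the same two fields without gathering argument values on the debug path. Separately, nothing in require_role() stops execution after `login_screen(...)`. If that function can return (its body is not visible here), the protected page would carry on running, so a comment stating that it terminates, or an explicit `exit;` after each call, would make the fail-closed behaviour visible in this function.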
127 134
 
128 135
 
... ...
@@ -23,6 +23,9 @@ require_once('domainapi.php');
23 23
 require_once('domains.php');
24 24
 
25 25
 require_role(ROLE_CUSTOMER);
26
+if (! config('http.net-apikey')) {
27
+    system_failure("Dieses System ist nicht eingerichtet zum Hinzufügen von Domains");
28
+}
26 29
 
27 30
 title("Domain hinzufügen");
28 31
 $section='domains_domains';
... ...
@@ -19,9 +19,8 @@ require_once('inc/icons.php');
19 19
 
20 20
 require_once('class/domain.php');
21 21
 require_once('domains.php');
22
-require_once('domainapi.php');
23 22
 
24
-require_role(ROLE_CUSTOMER);
23
+require_role(array(ROLE_CUSTOMER, ROLE_SYSTEMUSER));
25 24
 
26 25
 $dom = NULL;
27 26
 if (isset($_REQUEST['id'])) {
... ...
@@ -35,7 +34,11 @@ if (isset($_REQUEST['id'])) {
35 34
 if (!$dom) {
36 35
     system_failure("Keine Domain gewählt!");
37 36
 }
38
-$dom->ensure_customerdomain();
37
+if (have_role(ROLE_CUSTOMER)) {
38
+    $dom->ensure_customerdomain();
39
+} else {
40
+    $dom->ensure_userdomain();
41
+}
39 42
 
40 43
 title("Domain {$dom->fqdn}");
41 44
 $section = 'domains_domains';
... ...
@@ -43,7 +46,7 @@ $section = 'domains_domains';
43 46
 // Block zuständiger Useraccount
44 47
 
45 48
 $useraccounts = list_useraccounts();
46
-if ($_SESSION['role'] & ROLE_CUSTOMER && count($useraccounts) > 1) {
49
+if (have_role(ROLE_CUSTOMER) && count($useraccounts) > 1) {
47 50
     // Mehrere User vorhanden
48 51
     $options = array();
49 52
     foreach ($useraccounts as $u) {
... ...
@@ -60,9 +63,10 @@ if ($_SESSION['role'] & ROLE_CUSTOMER && count($useraccounts) > 1) {
60 63
 
61 64
 // Block Domain-Inhaber 
62 65
 
63
-if ($dom->provider == 'terions' && ($dom->cancel_date === NULL || $dom->cancel_date > date('Y-m-d'))) {
66
+if (have_role(ROLE_CUSTOMER) && config('http.net-apikey') && $dom->provider == 'terions' && ($dom->cancel_date === NULL || $dom->cancel_date > date('Y-m-d'))) {
64 67
     use_module('contacts');
65 68
     require_once('contacts.php');
69
+    require_once('domainapi.php');
66 70
 
67 71
     output('<h4>Inhaberwechsel der Domain</h4>');
68 72
     output('<p>Legen Sie hier einen neuen Inhaber für diese Domain fest.</p>');
... ...
@@ -131,25 +135,27 @@ if ($dom->provider == 'terions' && ($dom->cancel_date === NULL || $dom->cancel_d
131 135
 
132 136
 // Block Externe Domain umziehen
133 137
 
134
-if ($dom->status == 'prereg') {
135
-    output('<h4>Domain-Registrierung abschließen</h4>
136
-            <p>'.internal_link('domainreg', 'Domain registrieren', "domain={$dom->fqdn}").'</p>');
137
-} elseif ($dom->status == 'pretransfer') {
138
-    output('<h4>Domain zu '.config('company_name').' umziehen</h4>
139
-            <p>'.internal_link('domainreg', 'Umzugsautrag (ggf. nochmals) erteilen', "domain={$dom->fqdn}").'</p>');
140
-} elseif ($dom->provider != 'terions') {
141
-    output('<h4>Domain zu '.config('company_name').' umziehen</h4>
142
-            <p>'.internal_link('domainreg', 'Domain-Transfer starten', "domain={$dom->fqdn}").'</p>');
138
+if (have_role(ROLE_CUSTOMER) && config('http.net-apikey')) {
139
+    if ($dom->status == 'prereg') {
140
+        output('<h4>Domain-Registrierung abschließen</h4>
141
+                <p>'.internal_link('domainreg', 'Domain registrieren', "domain={$dom->fqdn}").'</p>');
142
+    } elseif ($dom->status == 'pretransfer') {
143
+        output('<h4>Domain zu '.config('company_name').' umziehen</h4>
144
+                <p>'.internal_link('domainreg', 'Umzugsautrag (ggf. nochmals) erteilen', "domain={$dom->fqdn}").'</p>');
145
+    } elseif ($dom->provider != 'terions') {
146
+        output('<h4>Domain zu '.config('company_name').' umziehen</h4>
147
+                <p>'.internal_link('domainreg', 'Domain-Transfer starten', "domain={$dom->fqdn}").'</p>');
148
+    }
143 149
 }
144 150
 
145
-
146 151
 // Block Domain löschen/kündigen
147 152
 
148 153
 $domain_in_use = mailman_subdomains($dom->id) || mail_in_use($dom->id) || web_in_use($dom->id) || $dom->jabber == 1;
149 154
 if (!$domain_in_use && ($dom->status == 'prereg' || $dom->status == 'pretransfer' || $dom->status == 'transferfailed' || $dom->status == 'external')) {
150 155
     output('<h4>Domain wieder entfernen</h4>');
151 156
     output('<p class="delete">'.internal_link('save', 'Die Domain '.$dom->fqdn.' entfernen', 'action=delete&domain='.$dom->id).'</p>');
152
-} elseif ($dom->provider == 'terions') {
157
+} elseif (have_role(ROLE_CUSTOMER) && config('http.net-apikey') && $dom->provider == 'terions') {
158
+    require_once('domainapi.php');
153 159
     output('<h4>Domain kündigen</h4>');
154 160
     $info = api_download_domain($dom->id);
155 161
     if ($info['authInfo']) {
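Review bot: With `require_role(array(ROLE_CUSTOMER, ROLE_SYSTEMUSER))` this page is now reachable by system users, but the first branch of the delete block (new line 155, `if (!$domain_in_use && ...)`) is left ungated. A system user therefore still gets the `action=delete` link for a prereg, pretransfer, transferfailed or external domain, while every other action block in this file was wrapped in `have_role(ROLE_CUSTOMER)`. If system users are not meant to remove domains, that condition should start with `have_role(ROLE_CUSTOMER) && `. Either way, hiding a link is presentation only: the `save` handler, which is not part of this diff, has to repeat the role and ownership check on the server side. The `if ($info['authInfo'])` block at the end of the section continues outside the hunk.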
... ...
@@ -24,6 +24,9 @@ require_role(ROLE_CUSTOMER);
24 24
 use_module('contacts');
25 25
 require_once('contacts.php');
26 26
 
27
+if (! config('http.net-apikey')) {
28
+    system_failure("Dieses System ist nicht eingerichtet zum Hinzufügen von Domains");
29
+}
27 30
 
28 31
 $dom = NULL;
29 32
 if (isset($_REQUEST['domain'])) {
... ...
@@ -23,7 +23,7 @@ require_once('domains.php');
23 23
 
24 24
 require_role(array(ROLE_SYSTEMUSER, ROLE_CUSTOMER));
25 25
 
26
-if ($_SESSION['role'] & ROLE_CUSTOMER)
26
+if (have_role(ROLE_CUSTOMER))
27 27
   $user_domains = get_domain_list($_SESSION['customerinfo']['customerno']);
28 28
 else
29 29
   $user_domains = get_domain_list($_SESSION['userinfo']['customerno'], $_SESSION['userinfo']['uid']);
... ...
@@ -107,12 +107,17 @@ foreach ($user_domains as $domain)
107 107
     $punycode = '';
108 108
   }
109 109
   $domainname = "{$domain->fqdn}{$punycode}";
110
-  $domainname = internal_link('detail', $domainname, 'id='.$domain->id);
110
+  if (have_role(ROLE_CUSTOMER)) {
111
+      $domainname = internal_link('detail', $domainname, 'id='.$domain->id);
112
+  }
111 113
   output("  <div class=\"domain-item {$status} {$locked}\"><p class=\"domainname\">{$domainname}</p><p class=\"regdate\">{$regdate}</p><p class=\"domain-usage\">Verwendung: {$features}{$mailserver_lock}</p></div>\n");
112 114
 }
113 115
 output('</div>');
114 116
 output("<br />");
115
-addnew('adddomain', 'Neue Domain bestellen / hinzufügen');
117
+
118
+if (have_role(ROLE_CUSTOMER) && config('http.net-apikey')) {
119
+    addnew('adddomain', 'Neue Domain bestellen / hinzufügen');
120
+}
116 121
 
117 122
 
118 123
 ?>