User rights fixes; cleanup

Pinga 2023-11-16 11:00:02 +02:00
parent f3f5530642
commit 3a9d39da38
8 changed files with 29 additions and 388 deletions


@ -130,11 +130,12 @@ $app->any('/api[/{params:.*}]', function (
'dbAuth.passwordColumn' => 'password',
'dbAuth.returnedColumns' => 'email,roles_mask',
'dbAuth.registerUser' => false,
'multiTenancy.handler' => function ($operation, $tableName) {
'multiTenancy.handler' => function ($operation, $tableName) {
if (isset($_SESSION['auth_roles']) && $_SESSION['auth_roles'] === 0) {
return [];
}
$userId = $_SESSION['auth_user_id'];
$registrarId = $_SESSION['auth_registrar_id'];
$columnMap = [
'contact' => 'clid',
'domain' => 'clid',
@ -143,11 +144,13 @@ $app->any('/api[/{params:.*}]', function (
'registrar' => 'id',
'payment_history' => 'registrar_id',
'statement' => 'registrar_id',
'support_tickets' => 'user_id',
'support_tickets' => 'user_id', // Note: this still uses user_id
];
if (array_key_exists($tableName, $columnMap)) {
return [$columnMap[$tableName] => $userId];
// Use registrarId for tables where 'registrar_id' is the filter
// For 'support_tickets', continue to use userId
return [$columnMap[$tableName] => ($tableName === 'support_tickets' ? $_SESSION['auth_user_id'] : $registrarId)];
}
return ['1' => '0'];
@ -188,13 +191,13 @@ $app->any('/log-api[/{params:.*}]', function (
if (isset($_SESSION['auth_roles']) && $_SESSION['auth_roles'] === 0) {
return [];
}
$userId = $_SESSION['auth_user_id'];
$registrarId = $_SESSION['auth_registrar_id'];
$columnMap = [
'transaction_identifier' => 'registrar_id',
];
if (array_key_exists($tableName, $columnMap)) {
return [$columnMap[$tableName] => $userId];
return [$columnMap[$tableName] => $registrarId];
}
return ['1' => '0'];
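Review bot: Both tenancy handlers read `$_SESSION['auth_registrar_id']` without checking that the key is set (in the `/api` handler next to `$userId`, in the `/log-api` handler just before `$columnMap`), although the role test directly above is guarded with `isset`. For a session that lacks the key the filter value is null, and how the API layer treats a null tenancy value is not visible in this diff, so isolation between registrars would then rest on library behaviour rather than on this code. I would fail closed right after the role check in each handler, reusing the deny-all pair already returned for unmapped tables: `if (!isset($_SESSION['auth_registrar_id'])) { return ['1' => '0']; }`, with the same guard on `auth_user_id` before the `support_tickets` branch. Both closures extend beyond the visible hunks, so a guard placed elsewhere in them would not show here.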