diff options
author | Andrew Dolgov <[email protected]> | 2021-11-10 20:44:51 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2021-11-10 20:44:51 +0300 |
commit | 9e8d69739f21e5ac85977d57a2a6c961e318c26e (patch) | |
tree | 0fc52f7be644b5f86e236cc7cb8f4dc4351da8f9 /classes/userhelper.php | |
parent | 7a52560e4e3b0652d32645b60ae13e4904f606bc (diff) |
add two helper account access levels:
- read only - can't subscribe to more feeds, feed updates are skipped
- disabled - can't login
define used access levels as UserHelper constants and refactor code to
use them instead of hardcoded numbers
Diffstat (limited to 'classes/userhelper.php')
-rw-r--r-- | classes/userhelper.php | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/classes/userhelper.php b/classes/userhelper.php index 1cdd320a1..ea714b76b 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -17,6 +17,21 @@ class UserHelper { self::HASH_ALGO_SHA1 ]; + /** forbidden to login */ + const ACCESS_LEVEL_DISABLED = -2; + + /** can't subscribe to new feeds, feeds are not updated */ + const ACCESS_LEVEL_READONLY = -1; + + /** no restrictions, regular user */ + const ACCESS_LEVEL_USER = 0; + + /** not used, same as regular user */ + const ACCESS_LEVEL_POWERUSER = 5; + + /** has administrator permissions */ + const ACCESS_LEVEL_ADMIN = 10; + static function authenticate(string $login = null, string $password = null, bool $check_only = false, string $service = null) { if (!Config::get(Config::SINGLE_USER_MODE)) { $user_id = false; @@ -41,7 +56,7 @@ class UserHelper { $user = ORM::for_table('ttrss_users')->find_one($user_id); - if ($user) { + if ($user && $user->access_level != self::ACCESS_LEVEL_DISABLED) { $_SESSION["uid"] = $user_id; $_SESSION["auth_module"] = $auth_module; $_SESSION["name"] = $user->login; @@ -68,7 +83,7 @@ class UserHelper { $_SESSION["uid"] = 1; $_SESSION["name"] = "admin"; - $_SESSION["access_level"] = 10; + $_SESSION["access_level"] = self::ACCESS_LEVEL_ADMIN; $_SESSION["hide_hello"] = true; $_SESSION["hide_logout"] = true; |