<?php
+/**
+ * @copyright Copyright (C) 2010-2023, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
namespace Friendica\Module;
use Friendica\BaseModule;
use Friendica\Core\Addon;
use Friendica\Core\Renderer;
-use Friendica\Core\Session;
use Friendica\DI;
-use Friendica\Network\HTTPException\ForbiddenException;
-
-require_once 'boot.php';
+use Friendica\Network\HTTPException;
/**
* This abstract module is meant to be extended by all modules that are reserved to administrator users.
*/
abstract class BaseAdmin extends BaseModule
{
- public static function post(array $parameters = [])
+ /**
+ * Checks admin access and throws exceptions if not logged-in administrator
+ *
+ * @param bool $interactive
+ * @return void
+ * @throws HTTPException\ForbiddenException
+ * @throws HTTPException\InternalServerErrorException
+ */
+ public static function checkAdminAccess(bool $interactive = false)
{
- if (!is_site_admin()) {
- return;
- }
-
- // do not allow a page manager to access the admin panel at all.
- if (!empty($_SESSION['submanage'])) {
- return;
+ if (!DI::userSession()->getLocalUserId()) {
+ if ($interactive) {
+ DI::sysmsg()->addNotice(DI::l10n()->t('Please login to continue.'));
+ DI::session()->set('return_path', DI::args()->getQueryString());
+ DI::baseUrl()->redirect('login');
+ } else {
+ throw new HTTPException\UnauthorizedException(DI::l10n()->t('Please login to continue.'));
+ }
}
- }
- public static function rawContent(array $parameters = [])
- {
- if (!is_site_admin()) {
- return '';
+ if (!DI::app()->isSiteAdmin()) {
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('You don\'t have access to administration pages.'));
}
- if (!empty($_SESSION['submanage'])) {
- return '';
+ if (DI::userSession()->getSubManagedUserId()) {
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('Submanaged account can\'t access the administration pages. Please log back in as the main account.'));
}
-
- return '';
}
- public static function content(array $parameters = [])
+ protected function content(array $request = []): string
{
- if (!is_site_admin()) {
- notice(DI::l10n()->t('Please login to continue.'));
- Session::set('return_path', DI::args()->getQueryString());
- DI::baseUrl()->redirect('login');
- }
-
- if (!empty($_SESSION['submanage'])) {
- throw new ForbiddenException(DI::l10n()->t('Submanaged account can\'t access the administation pages. Please log back in as the master account.'));
- }
+ self::checkAdminAccess(true);
// Header stuff
DI::page()['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('admin/settings_head.tpl'), []);
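Review bot: With the `post()` and `rawContent()` overrides removed, the only visible caller of `checkAdminAccess()` is `content()`, so a subclass that overrides `post()` or `rawContent()` has to call `self::checkAdminAccess()` itself. Nothing in this hunk enforces that, and a missed call would leave a state-changing admin handler with no authorization check; the class docblock should say so, e.g. `Subclasses overriding post() or rawContent() must call self::checkAdminAccess() first.` The method docblock also omits `@throws HTTPException\UnauthorizedException`, which the non-interactive branch throws, and `@param bool $interactive` needs a description such as `redirect to the login page instead of throwing when no user is logged in`. The signature could declare `: void` to match the `@return void` tag. The body of `content()` continues outside the hunk.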
]],
'configuration' => [DI::l10n()->t('Configuration'), [
'site' => ['admin/site' , DI::l10n()->t('Site') , 'site'],
- 'users' => ['admin/users' , DI::l10n()->t('Users') , 'users'],
+ 'storage' => ['admin/storage' , DI::l10n()->t('Storage') , 'storage'],
'addons' => ['admin/addons' , DI::l10n()->t('Addons') , 'addons'],
'themes' => ['admin/themes' , DI::l10n()->t('Themes') , 'themes'],
'features' => ['admin/features' , DI::l10n()->t('Additional features') , 'features'],
'deferred' => ['admin/queue/deferred', DI::l10n()->t('Inspect Deferred Workers'), 'deferred'],
'workerqueue' => ['admin/queue' , DI::l10n()->t('Inspect worker Queue') , 'workerqueue'],
]],
- 'tools' => [DI::l10n()->t('Tools'), [
- 'contactblock' => ['admin/blocklist/contact', DI::l10n()->t('Contact Blocklist') , 'contactblock'],
- 'blocklist' => ['admin/blocklist/server' , DI::l10n()->t('Server Blocklist') , 'blocklist'],
- 'deleteitem' => ['admin/item/delete' , DI::l10n()->t('Delete Item') , 'deleteitem'],
- ]],
'logs' => [DI::l10n()->t('Logs'), [
'logsconfig' => ['admin/logs/', DI::l10n()->t('Logs') , 'logs'],
'logsview' => ['admin/logs/view' , DI::l10n()->t('View Logs') , 'viewlogs'],
'phpinfo' => ['admin/phpinfo' , DI::l10n()->t('PHP Info') , 'phpinfo'],
'probe' => ['probe' , DI::l10n()->t('probe address') , 'probe'],
'webfinger' => ['webfinger' , DI::l10n()->t('check webfinger') , 'webfinger'],
- 'itemsource' => ['admin/item/source' , DI::l10n()->t('Item Source') , 'itemsource'],
'babel' => ['babel' , DI::l10n()->t('Babel') , 'babel'],
+ 'debug/ap' => ['debug/ap' , DI::l10n()->t('ActivityPub Conversion') , 'debug/ap'],
]],
];
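Review bot: The added `'debug/ap'` entry, like the existing `probe`, `webfinger` and `babel` entries, points at a route outside the `admin/` prefix, so listing it in the admin menu does not restrict who can request it. Whether that module checks for a logged-in user on its own is not visible here and is worth confirming before it is advertised alongside admin-only tools. As a style point, its key and third element contain a slash while every sibling uses a plain identifier (`'babel'`, `'viewlogs'`); if the third element ends up in markup as an id or selector, a value like `'debugap'` would be less fragile. The array literal starts outside the hunk.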