E. api / protege.php

<?php
require_once __DIR__ . "/../libservidorphp/NO_AUTORIZADO.php";
require_once __DIR__ . "/../libservidorphp/PROHIBIDO.php";
require_once __DIR__ . "/../libservidorphp/ProblemDetailsException.php";
require_once __DIR__ . "/../libservidorphp/rolIdsParaUsuId.php";
require_once __DIR__ . "/SAN.php";
require_once __DIR__ . "/USU_ID.php";
require_once __DIR__ . "/Bd.php";
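/**
 * Access gate for API endpoints: reads the caller's identity from the session
 * and enforces a role allow-list.
 *
 * SECURITY NOTE: an empty $rolIdsPermitidos disables every check. The session
 * data is returned even for anonymous callers, so passing [] makes the
 * endpoint public. Callers that build the list dynamically must make sure it
 * cannot end up empty by accident.
 *
 * @param array $rolIdsPermitidos Role ids allowed to use the resource; the
 *                                caller needs at least one of them. An empty
 *                                array means "no restriction".
 *
 * @return array Three-element list: [$san, $rolIds, $usuId].
 *
 * @throws ProblemDetailsException With status NO_AUTORIZADO when roles are
 *                                 required and the session holds no SAN value;
 *                                 with status PROHIBIDO when the user has none
 *                                 of the permitted roles.
 */
function protege(array $rolIdsPermitidos)
{
    // Calling session_start() on an already-active session raises a notice and
    // is ignored, so only start one when this request has not done so yet.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    // Anonymous defaults: empty SAN and user id -1.
    // NOTE(review): SAN is presumably the signed-in user's identifier/alias;
    // confirm against SAN.php.
    $san = isset($_SESSION[SAN]) ? $_SESSION[SAN] : "";
    $usuId = isset($_SESSION[USU_ID]) ? $_SESSION[USU_ID] : -1;

    // Roles are read from the database on every call rather than cached in the
    // session. NOTE(review): assumes rolIdsParaUsuId() returns an array of role
    // ids (empty for an unknown user id such as -1); verify in libservidorphp.
    $rolIds = rolIdsParaUsuId(Bd::pdo(), $usuId);

    // No allow-list: nothing to enforce, hand back whatever the session holds.
    if (count($rolIdsPermitidos) === 0) {
        return [$san, $rolIds, $usuId];
    }

    // Authentication check: roles are required but nobody is signed in.
    if ($san === "") {
        throw new ProblemDetailsException([
            "status" => NO_AUTORIZADO,
            "type" => "/errors/noautorizado.html",
            "title" => "No autorizado.",
            "detail" => "Necesitas iniciar sesión.",
        ]);
    }

    // Authorization check: strict comparison, so a role id of a different type
    // (e.g. "1" vs 1) does not match.
    foreach ($rolIdsPermitidos as $rolId) {
        if (in_array($rolId, $rolIds, true)) {
            return [$san, $rolIds, $usuId];
        }
    }

    // Signed in, but holds none of the permitted roles.
    throw new ProblemDetailsException([
        "status" => PROHIBIDO,
        "type" => "/errors/prohibido.html",
        "title" => "Prohibido.",
        "detail" => "No tienes roles para usar este recurso.",
    ]);
}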