From 5bba1620b82746045051daaf5472688e39d751ea Mon Sep 17 00:00:00 2001 From: Chris Gilligan <49878588+UTCGilligan@users.noreply.github.com> Date: Sun, 24 Dec 2023 14:39:32 -0500 Subject: [PATCH 1/2] UTCT-46: Supereditor role and Anonymous (SAML) users. Signed-off-by: Chris Gilligan <49878588+UTCGilligan@users.noreply.github.com> --- user/plugins/auth-mgr-plus/plugin.php | 32 ++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/user/plugins/auth-mgr-plus/plugin.php b/user/plugins/auth-mgr-plus/plugin.php index 38e632c..cf26f56 100644 --- a/user/plugins/auth-mgr-plus/plugin.php +++ b/user/plugins/auth-mgr-plus/plugin.php @@ -15,6 +15,7 @@ class ampRoles { const Administrator = 'Administrator'; + const Supereditor = 'Supereditor'; const Editor = 'Editor'; const Contributor = 'Contributor'; } @@ -241,8 +242,7 @@ function amp_require_capability( $capability ) { $errorpage = file_get_contents('user/plugins/auth-mgr-plus/403-error.html'); yourls_status_header( 403 ); echo $errorpage; - die(); - } + die(); } // Otherwise, render errors in admin interface yourls_redirect( yourls_admin_url( '?access=denied' ), 302 ); die(); @@ -276,8 +276,8 @@ function amp_have_capability( $capability ) { if (amp_user_has_role($user, $rolename)) $user_caps = array_merge($user_caps, $rolecaps); } - elseif ( isset( $amp_default_role ) && in_array ($amp_default_role, array_keys( $amp_role_capabilities ) ) ) - $user_caps = $amp_role_capabilities [ $amp_default_role ]; + elseif ( isset( $amp_default_role ) && in_array ($amp_default_role, array_keys( $amp_role_capabilities ) ) ) + $user_caps = $amp_role_capabilities [ $amp_default_role ]; $user_caps = array_unique( $user_caps ); // Is the requested capability in this list? @@ -427,7 +427,15 @@ function amp_env_check() { global $amp_allowed_plugin_pages; if ( !isset( $amp_anon_capabilities) ) { - $amp_anon_capabilities = array(); + $amp_anon_capabilities = array( + ampCap::ShowAdmin, + ampCap::AddURL, + ampCap::EditURL, + ampCap::DeleteURL, + ampCap::ShareURL, + ampCap::APIu, + ampCap::ViewStats, + ); } if ( !isset( $amp_role_capabilities) ) { @@ -447,6 +455,19 @@ function amp_env_check() { ampCap::ViewStats, ampCap::ViewAll, ), + ampRoles::Supereditor => array( + ampCap::ShowAdmin, + ampCap::AddURL, + ampCap::EditURL, + ampCap::DeleteURL, + ampCap::ShareURL, + ampCap::Traceless, + ampCap::ManageAnonURL, + ampCap::ManageUsrsURL, + ampCap::APIu, + ampCap::ViewStats, + ampCap::ViewAll, + ), ampRoles::Editor => array( ampCap::ShowAdmin, ampCap::AddURL, @@ -483,6 +504,7 @@ function amp_env_check() { if ( !isset( $amp_allowed_plugin_pages ) ) { $amp_allowed_plugin_pages = array( + 'sleeky-backend' ); } From 136b40a05f05d0d529242960755f6d654f04b988 Mon Sep 17 00:00:00 2001 From: Chris Gilligan <49878588+UTCGilligan@users.noreply.github.com> Date: Mon, 1 Jan 2024 09:59:50 -0500 Subject: [PATCH 2/2] UTCT-46: Fix a bracket and correct plugin name. Signed-off-by: Chris Gilligan <49878588+UTCGilligan@users.noreply.github.com> --- user/plugins/auth-mgr-plus/plugin.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/user/plugins/auth-mgr-plus/plugin.php b/user/plugins/auth-mgr-plus/plugin.php index cf26f56..2587a46 100644 --- a/user/plugins/auth-mgr-plus/plugin.php +++ b/user/plugins/auth-mgr-plus/plugin.php @@ -242,7 +242,8 @@ function amp_require_capability( $capability ) { $errorpage = file_get_contents('user/plugins/auth-mgr-plus/403-error.html'); yourls_status_header( 403 ); echo $errorpage; - die(); } + die(); + } // Otherwise, render errors in admin interface yourls_redirect( yourls_admin_url( '?access=denied' ), 302 ); die(); @@ -504,7 +505,7 @@ function amp_env_check() { if ( !isset( $amp_allowed_plugin_pages ) ) { $amp_allowed_plugin_pages = array( - 'sleeky-backend' + 'sleeky_backend' ); }