git.shiar.nl / minimedit.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
auth: admin edit permissions for page (sub)directories
[minimedit.git] / auth.inc.php
diff --git a/auth.inc.php b/auth.inc.php
index a1ccedf50cf16ea328ac107e4c8ee8fd9326fa15..aceb2de076c3481dc53a61c24e4444f88c866a2d 100644 (file)
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -3,9 +3,9 @@ date_default_timezone_set('Europe/Amsterdam');
 
 class User
 {
-       function __construct($dir)
+       function __construct($dir, $existing = TRUE)
        {
-               if (!file_exists($dir)) {
+               if (!file_exists($dir) and $existing) {
                        throw new Exception("Gebruiker niet gevonden in $dir");
                }
                $this->dir = $dir;
@@ -40,7 +40,16 @@ class User
        function admin($permission = NULL)
        {
                if (isset($permission)) {
-                       return $this->admin && isset($this->admin[$permission]);  # check level
+                       if (!$this->admin) {
+                               return FALSE;  # empty results
+                       }
+                       preg_match_all('{[ /]}', $permission, $parts, PREG_OFFSET_CAPTURE);
+                       foreach ($parts[0] as $part) {
+                               if (isset($this->admin[substr($permission, 0, $part[1])])) {
+                                       return TRUE;  # partial match
+                               }
+                       }
+                       return isset($this->admin[$permission]);  # check level
                }
                if (!@file_exists("{$this->dir}/.admin")) {
                        return FALSE;  # not an admin
MinimEdit - databaseless cms with only a bit of php