API2 Uitbreiding SWITCHUSER/ X-FACILITOR-SWITCH-USER
svn path=/Website/branches/v5.4.1/; revision=21595
@@ -11,7 +11,7 @@
|
||||
<!-- #include file="../Shared/save2db.inc" -->
|
||||
<%
|
||||
api2 = {
|
||||
authenticate: function _authenticate()
|
||||
authenticate: function _authenticate(model)
|
||||
{
|
||||
var APIKEY;
|
||||
if (S("fac_api_key_in_url"))
|
||||
@@ -29,7 +29,8 @@ api2 = {
|
||||
|
||||
var sql = "SELECT prs_perslid_key, prs_perslid_naam"
|
||||
+ " FROM prs_perslid"
|
||||
+ " WHERE prs_perslid_apikey = " + safe.quoted_sql(APIKEY);
|
||||
+ " WHERE prs_perslid_verwijder IS NULL"
|
||||
+ " AND prs_perslid_apikey = " + safe.quoted_sql(APIKEY);
|
||||
var oRs = Oracle.Execute(sql);
|
||||
if (oRs.Eof || !APIKEY)
|
||||
{
|
||||
@@ -42,6 +43,41 @@ api2 = {
|
||||
oRs.Close();
|
||||
}
|
||||
/* global */ user = new Perslid(user_key);
|
||||
|
||||
// Impersonate?
|
||||
var IMPERS;
|
||||
if (S("fac_api_key_in_url"))
|
||||
IMPERS = getQParam("SWITCHUSER", "");
|
||||
if (!IMPERS && Request.ServerVariables("HTTP_X_FACILITOR_SWITCH_USER").Count)
|
||||
IMPERS = String(Request.ServerVariables("HTTP_X_FACILITOR_SWITCH_USER")); // Meegegeven als X-FACILITOR-SWITCH-USER
|
||||
if (IMPERS) // && S("fac_api_allow_impersonate")
|
||||
{
|
||||
var sql = "SELECT prs_perslid_key, prs_perslid_naam"
|
||||
+ " FROM prs_perslid"
|
||||
+ " WHERE prs_perslid_verwijder IS NULL"
|
||||
+ " AND prs_perslid_oslogin = " + safe.quoted_sql_upper(IMPERS);
|
||||
var oRs = Oracle.Execute(sql);
|
||||
if (oRs.Eof)
|
||||
{
|
||||
Response.Status = "412 Invalid X-Facilitor-Switch-User header";
|
||||
Response.End;
|
||||
};
|
||||
__Log("IMPERS User is: " + oRs("prs_perslid_naam").Value);
|
||||
var other_user_key = oRs("prs_perslid_key").Value;
|
||||
oRs.Close();
|
||||
if (model.impersonate_auth)
|
||||
{
|
||||
var xfunc = user.func_enabled2(model.module, { prs_key: other_user_key, isOptional: true });
|
||||
var can = (xfunc && xfunc.canRead(model.impersonate_auth));
|
||||
if (can)
|
||||
/* global */ user_key = other_user_key;
|
||||
}
|
||||
if (user_key != other_user_key)
|
||||
{
|
||||
Response.Status = "412 Unauthorized X-Facilitor-Switch-User header";
|
||||
Response.End;
|
||||
}
|
||||
}
|
||||
},
|
||||
process: function _process(model)
|
||||
{
|
||||
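Review bot: After the switch `user_key = other_user_key` the global `user` object that was built earlier from `new Perslid(user_key)` still represents the API-key owner, so any later code that reads `user` instead of `user_key` keeps acting as the caller while `user_key` names the impersonated person; rebuilding it right after the assignment, `/* global */ user = new Perslid(user_key);`, keeps the two in step (assuming downstream code consults `user` — confirm). The site-wide setting `S("fac_api_allow_impersonate")` is left commented out on the `if (IMPERS)` line, so impersonation cannot be disabled per installation; either restore the check or record in a comment why it was dropped. The two distinct rejection texts ("Invalid" for an unknown login, "Unauthorized" for a known but not permitted one) let any API-key holder probe which `prs_perslid_oslogin` values exist, and 412 is an odd status for an authorization failure; a single 403 response for both cases, with the `__Log` call recording `user_key + " -> " + other_user_key` rather than only the target's name, removes the enumeration oracle and leaves an audit trail of who switched to whom.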
@@ -50,7 +86,7 @@ api2 = {
|
||||
Session.Codepage = 65001; // We doen *uitsluitend* utf-8
|
||||
Response.Charset = 'utf-8';
|
||||
|
||||
api2.authenticate();
|
||||
api2.authenticate(model);
|
||||
|
||||
var method = String(Request.ServerVariables("REQUEST_METHOD"));
|
||||
|
||||
|
||||
@@ -30,6 +30,7 @@ function afs_alg_onrgoed_keys(jsondata)
|
||||
|
||||
model_appointments =
|
||||
{
|
||||
module: "BEZ",
|
||||
table: "bez_afspraak",
|
||||
primary: "bez_afspraak_key",
|
||||
records_name: "appointments",
|
||||
@@ -49,6 +50,7 @@ model_appointments =
|
||||
joinfield: "bez_afspraak_key"
|
||||
}
|
||||
},
|
||||
impersonate_auth: "WEB_BEZFOF",
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var urole = "fe"; // TODO: Moet echt niet ter zake doen
|
||||
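Review bot: `impersonate_auth: "WEB_BEZFOF"` is a bare property whose meaning lives in the API2 authenticate code in another file, so a reader of this model cannot tell why it is here; a comment on the line, `// Right checked (via func_enabled2/canRead) before SWITCHUSER / X-FACILITOR-SWITCH-USER impersonation is honoured for this model`, would make that explicit. The enclosing `model_appointments` literal starts outside the hunk.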
|
||||
@@ -29,6 +29,7 @@ var sqlro = "SELECT rg.res_ruimte_nr || CASE WHEN res_ruimte_opstel_default = 1
|
||||
|
||||
model_reservations =
|
||||
{
|
||||
module: "RES",
|
||||
table: "res_rsv_ruimte",
|
||||
primary: "res_rsv_ruimte_key",
|
||||
records_name: "reservations",
|
||||
@@ -48,6 +49,7 @@ model_reservations =
|
||||
{ name: "configuration", dbs: "res_ruimte_opstelling.res_opstelling_key", typ: "key", foreign: "res_opstelling" },
|
||||
],
|
||||
|
||||
impersonate_auth: "WEB_RESFOF",
|
||||
REST_GET: function _GET(params)
|
||||
{
|
||||
var urole = "fe"; // TODO: Moet echt niet ter zake doen
|
||||
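Review bot: `impersonate_auth: "WEB_RESFOF"` is undocumented, and the value differs from the one used by the appointments model, so a short note explaining that it is the right consulted when an API caller switches user for this model, `// Right checked before X-FACILITOR-SWITCH-USER impersonation is allowed on reservations`, would help whoever has to audit these rights later. The enclosing `model_reservations` literal starts outside the hunk.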
|
||||