diff --git a/htdocs/lib/DefaultController.php b/htdocs/lib/DefaultController.php
index 18d0ff1..10295b8 100644
--- a/htdocs/lib/DefaultController.php
+++ b/htdocs/lib/DefaultController.php
@@ -36,11 +36,4 @@ class DefaultController {
 }
 }
 }
-
- protected static function needSuperAdmin() {
- if (!self::$server->isSuperAdmin()) {
- self::$alerts[] = array('type' => 2, 'message' => "Super Adminsitrateur seulement !");
- return false;
- } else { return true; }
- }
 }
diff --git a/htdocs/lib/FormController.php b/htdocs/lib/FormController.php
index 698f0f1..0eccd5d 100644
--- a/htdocs/lib/FormController.php
+++ b/htdocs/lib/FormController.php
@@ -105,7 +105,7 @@ class FormController extends DefaultController {
 }
 private static function addDomain() {
- if (self::needSuperAdmin()) {
+ if (self::$server->isSuperAdmin()) {
 if (!empty(self::$form['cn'])) {
 try {
 self::$alerts[] = array('type' => 1, 'message' => 'Ajout en cours du domaine '.self::$form['cn'].' ...');
@@ -119,7 +119,7 @@ class FormController extends DefaultController {
 }
 private static function updateDomain() {
- if (self::needSuperAdmin()) {
+ if (self::$server->isSuperAdmin()) {
 try {
 self::$domain->update(self::$form['isactive']);
 } catch (Exception $e_ad) {
@@ -129,7 +129,7 @@ class FormController extends DefaultController {
 }
 private static function delDomain() {
- if (self::needSuperAdmin()) {
+ if (self::$server->isSuperAdmin()) {
 self::$alerts[] = array('type' => 1, 'message' => 'Suppression du domaine '.self::$form['cn'].' ...');
 try {
 self::$server->delDomain(self::$form['cn']);
diff --git a/htdocs/lib/PageController.php b/htdocs/lib/PageController.php
index 286f736..9ea30ed 100644
--- a/htdocs/lib/PageController.php
+++ b/htdocs/lib/PageController.php
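Review bot: In FormController.php, `addDomain()`, `updateDomain()` and `delDomain()` now test `self::$server->isSuperAdmin()` directly, so the "Super Administrateur seulement" alert that the removed `DefaultController::needSuperAdmin()` used to push is gone, and in the visible lines a submission from a non-super-admin is dropped with no feedback. The authorization check itself is preserved, but a refused privileged action should remain visible to the user and to whoever reviews the application's activity. An `else` branch such as `} else { self::$alerts[] = array('type' => 2, 'message' => "Super Administrateur seulement !"); }` in each of the three methods would restore that. All three method bodies continue outside their hunks, so an existing `else` may already cover this and is worth confirming.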
@@ -34,6 +34,20 @@ class PageController extends DefaultController {
 ob_end_flush();
 }
+ private static function needSuperAdmin() {
+ if (!self::$server->isSuperAdmin()) {
+ self::$alerts[] = array('type' => 2, 'message' => "Super Administrateur seulement !");
+ print self::$twig->render('403.html', array(
+ 'page_name' => self::$config['global']['name']
+ ,'alerts' => self::$alerts
+ ,'login' => self::$server->getLogin()
+ ,'isSuperAdmin' => self::$server->isSuperAdmin()
+ ));
+ header('HTTP/1.1 403 Forbidden');
+ exit(0);
+ }
+ }
+
 private static function filterGet() {
 $allowed_params = array('_all', '_add');
 $static_pages = array('logout', 'help');
@@ -125,14 +139,13 @@ class PageController extends DefaultController {
 }
 private static function addDomain() {
- if (self::needSuperAdmin("Vous n'avez pas le droit d'ajouter un domaine !")) {
- print self::$twig->render('add_domain.html', array(
- 'page_name' => self::$config['global']['name']
- ,'alerts' => self::$alerts
- ,'login' => self::$server->getLogin()
- ,'isSuperAdmin' => self::$server->isSuperAdmin()
- ));
- }
+ self::needSuperAdmin();
+ print self::$twig->render('add_domain.html', array(
+ 'page_name' => self::$config['global']['name']
+ ,'alerts' => self::$alerts
+ ,'login' => self::$server->getLogin()
+ ,'isSuperAdmin' => self::$server->isSuperAdmin()
+ ));
 }
 private static function listDomains() {
diff --git a/htdocs/tpl/page/403.html b/htdocs/tpl/page/403.html
new file mode 100644
index 0000000..749412d
--- /dev/null
+++ b/htdocs/tpl/page/403.html
@@ -0,0 +1,10 @@
+{% extends 'base.html' %}
+
+{% block body %}
+{% include 'nav.html' %}
+
+
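Review bot: In the new `PageController::needSuperAdmin()`, `header('HTTP/1.1 403 Forbidden');` is called after `print self::$twig->render('403.html', ...)`, so the 403 status is applied only if output buffering is still holding the body at that point. The `ob_end_flush();` context line suggests buffering is used somewhere in this class, but whether it is active on this path is not visible in the hunk. If it is not, PHP reports that headers were already sent and the denial page goes out with a 200 status, which hides the refusal from clients, proxies and access-log monitoring. Moving the `header(...)` call above the `print` removes the dependency on buffering.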
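Review bot: `PageController::addDomain()` now relies on `self::needSuperAdmin();` never returning for a non-super-admin, because the render of `add_domain.html` below it is no longer inside a conditional. That holds while the helper ends in `exit(0)`, but the contract is implicit: a later edit that makes the helper return instead of exiting would serve the page to any logged-in user without raising an error. I would document it with a docblock on `needSuperAdmin()` such as `Terminates the request with a 403 page unless the current user is a super admin; returns only for super admins.` so the fail-closed behaviour is explicit to whoever edits either method.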
+{% include 'notif.html' %}
+
+
+{% endblock %}