diff --git a/mod/removeme.php b/mod/removeme.php
index da946485d..9ef372fed 100644
--- a/mod/removeme.php
+++ b/mod/removeme.php
@@ -32,7 +32,7 @@ function removeme_post(App $a)
 return;
 }
- if (!empty($_SESSION['submanage'])) {
+ if (DI::userSession()->getSubManagedUserId()) {
 return;
 }
diff --git a/mod/settings.php b/mod/settings.php
index 1de3f5dcf..45f5f96c5 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -51,7 +51,7 @@ function settings_post(App $a)
 return;
 }
- if (!empty($_SESSION['submanage'])) {
+ if (DI::userSession()->getSubManagedUserId()) {
 return;
 }
@@ -152,7 +152,7 @@ function settings_content(App $a)
 return Login::form();
 }
- if (!empty($_SESSION['submanage'])) {
+ if (DI::userSession()->getSubManagedUserId()) {
 DI::sysmsg()->addNotice(DI::l10n()->t('Permission denied.'));
 return '';
 }
diff --git a/src/Content/Nav.php b/src/Content/Nav.php
index b80fb2d45..23f5dcf07 100644
--- a/src/Content/Nav.php
+++ b/src/Content/Nav.php
@@ -287,7 +287,7 @@ class Nav
 $nav['messages']['outbox'] = ['message/sent', DI::l10n()->t('Outbox'), '', DI::l10n()->t('Outbox')];
 $nav['messages']['new'] = ['message/new', DI::l10n()->t('New Message'), '', DI::l10n()->t('New Message')];
- if (User::hasIdentities(DI::session()->get('submanage') ?: DI::userSession()->getLocalUserId())) {
+ if (User::hasIdentities(DI::userSession()->getSubManagedUserId() ?: DI::userSession()->getLocalUserId())) {
 $nav['delegation'] = ['delegation', DI::l10n()->t('Accounts'), '', DI::l10n()->t('Manage other pages')];
 }
diff --git a/src/Core/Session/Capability/IHandleUserSessions.php b/src/Core/Session/Capability/IHandleUserSessions.php
index 9cd8de345..e5d1b4230 100644
--- a/src/Core/Session/Capability/IHandleUserSessions.php
+++ b/src/Core/Session/Capability/IHandleUserSessions.php
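Review bot: In `removeme_post` the delegated-session guard now reads `if (DI::userSession()->getSubManagedUserId())`, which uses an ID getter as a yes/no authorization test and no longer says why the request is silently dropped. A one-line comment above it would keep the intent visible, e.g. `// Delegated (submanaged) sessions must not remove the account`. The same applies to the identical guards in `settings_post` and `settings_content` (mod/settings.php) and in src/Module/BaseAdmin.php. The enclosing functions start and end outside these hunks.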
@@ -72,6 +72,20 @@ interface IHandleUserSessions */ public function isAuthenticated(): bool; + /** + * Returns User ID of the managed user in case it's a different identity + * + * @return int|bool uid of the manager or false + */ + public function getSubManagedUserId(); + + /** + * Sets the User ID of the managed user in case it's a different identity + * + * @param int $managed_uid The user id of the managing user + */ + public function setSubManagedUserId(int $managed_uid): void; + /** * Set the session variable that contains the contact IDs for the visitor's contact URL * diff --git a/src/Core/Session/Model/UserSession.php b/src/Core/Session/Model/UserSession.php index 1b0d14121..9d7d5c091 100644 --- a/src/Core/Session/Model/UserSession.php +++ b/src/Core/Session/Model/UserSession.php @@ -118,4 +118,16 @@ class UserSession implements IHandleUserSessions { $this->session->set('remote', Contact::getVisitorByUrl($this->session->get('my_url'))); } + + /** {@inheritDoc} */ + public function getSubManagedUserId() + { + return $this->session->get('submanage') ?? false; + } + + /** {@inheritDoc} */ + public function setSubManagedUserId(int $managed_uid): void + { + $this->session->set('submanage', $managed_uid); + } } diff --git a/src/Module/BaseAdmin.php b/src/Module/BaseAdmin.php index 7088bd7d6..1c9fc0f24 100644 --- a/src/Module/BaseAdmin.php +++ b/src/Module/BaseAdmin.php @@ -63,7 +63,7 @@ abstract class BaseAdmin extends BaseModule throw new HTTPException\ForbiddenException(DI::l10n()->t('You don\'t have access to administration pages.')); } - if (!empty($_SESSION['submanage'])) { + if (DI::userSession()->getSubManagedUserId()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Submanaged account can\'t access the administration pages. Please log back in as the main account.')); } } diff --git a/src/Module/Delegation.php b/src/Module/Delegation.php index c8b5c9d90..772651875 100644 --- a/src/Module/Delegation.php +++ b/src/Module/Delegation.php 
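Review bot: The docblocks added for `getSubManagedUserId()` and `setSubManagedUserId()` contradict themselves: both summaries speak of "the managed user", while `@return` says "uid of the manager" and `@param` says "the managing user". Callers use this value to deny delegated sessions access to settings, account removal and the admin pages, so the doc should state once which account's uid is kept under `submanage`; from the `setSubManagedUserId($original_id)` call in src/Module/Delegation.php it looks like the original (managing) account, but that is inferred from the name only. I would also narrow `@return int|bool` to `@return int|false`, since the getter is meant to yield a uid or `false`.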
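Review bot: `UserSession::getSubManagedUserId()` returns the raw session value (`$this->session->get('submanage') ?? false`), so the documented `int|bool` contract is not enforced and whatever is stored under `submanage`, a numeric string for instance, reaches callers such as `User::getById()` unchanged. Normalising at this boundary would make the authorization guards that depend on it predictable, e.g. `$uid = (int)($this->session->get('submanage') ?? 0);` followed by `return $uid > 0 ? $uid : false;`. The added code also gives no way to clear the value other than `setSubManagedUserId(0)`; if that is the intended reset, the setter's docblock should say so.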
@@ -45,8 +45,8 @@ class Delegation extends BaseModule
 $uid = DI::userSession()->getLocalUserId();
 $orig_record = User::getById(DI::app()->getLoggedInUserId());
- if (DI::session()->get('submanage')) {
- $user = User::getById(DI::session()->get('submanage'));
+ if (DI::userSession()->getSubManagedUserId()) {
+ $user = User::getById(DI::userSession()->getSubManagedUserId());
 if (DBA::isResult($user)) {
 $uid = intval($user['uid']);
 $orig_record = $user;
@@ -101,7 +101,7 @@ class Delegation extends BaseModule
 DI::auth()->setForUser(DI::app(), $user, true, true);
 if ($limited_id) {
- DI::session()->set('submanage', $original_id);
+ DI::userSession()->setSubManagedUserId($original_id);
 }
 $ret = [];
@@ -118,7 +118,7 @@ class Delegation extends BaseModule
 throw new ForbiddenException(DI::l10n()->t('Permission denied.'));
 }
- $identities = User::identities(DI::session()->get('submanage', DI::userSession()->getLocalUserId()));
+ $identities = User::identities(DI::userSession()->getSubManagedUserId() ?: DI::userSession()->getLocalUserId());
 //getting additinal information for each identity
 foreach ($identities as $key => $identity) {
diff --git a/src/Module/Settings/Delegation.php b/src/Module/Settings/Delegation.php
index a7046d40c..846e19769 100644
--- a/src/Module/Settings/Delegation.php
+++ b/src/Module/Settings/Delegation.php
@@ -76,7 +76,7 @@ class Delegation extends BaseSettings
 $user_id = $args->get(3);
 if ($action === 'add' && $user_id) {
- if (DI::session()->get('submanage')) {
+ if (DI::userSession()->getSubManagedUserId()) {
 DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
 DI::baseUrl()->redirect('settings/delegation');
 }
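Review bot: In the hunk at -101 of src/Module/Delegation.php, `setSubManagedUserId($original_id)` now goes through an `int` parameter, whereas the replaced `DI::session()->set('submanage', $original_id)` accepted any value. `$original_id` is assigned outside this hunk, so its type cannot be confirmed here; if it can be null or a non-numeric string, the identity switch would fail with a `TypeError` after `DI::auth()->setForUser()` has already run. Either confirm it is always an integer or cast at the call site: `DI::userSession()->setSubManagedUserId((int)$original_id);`.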
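Review bot: The identity lookup in the hunk at -118 changes its fallback rule without saying so: `DI::session()->get('submanage', …)` used the local user id only as the default argument (presumably when the key is absent), while `getSubManagedUserId() ?: getLocalUserId()` also falls back when the stored value is falsy (`0`, `''`, `false`). That is probably intended and matches the expression in src/Content/Nav.php, but it decides whose identities are listed, so a short comment such as `// No active delegation: list the identities of the logged-in user` would make the rule explicit. The method body continues outside the hunk.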
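Review bot: In src/Module/Settings/Delegation.php the guard that stops a delegated session from adding a delegate only holds if `DI::baseUrl()->redirect('settings/delegation')` never returns, because nothing else leaves the `add` branch after the notice is queued and the code after the closing brace is outside this hunk. If `redirect()` is guaranteed to end the request, a comment saying so (`// redirect() does not return`) would document that dependency; otherwise the branch needs an explicit exit after the redirect. The same holds for the `remove` branch in the hunk at -98.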
@@ -98,7 +98,7 @@ class Delegation extends BaseSettings
 }
 if ($action === 'remove' && $user_id) {
- if (DI::session()->get('submanage')) {
+ if (DI::userSession()->getSubManagedUserId()) {
 DI::sysmsg()->addNotice(DI::l10n()->t('Delegated administrators can view but not change delegation permissions.'));
 DI::baseUrl()->redirect('settings/delegation');
 }