Don't use checkSession in dispatchers - rather verify session directly

and allow the dispatcher to set its own access level. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3674 c91229c3-7414-0410-bfa2-8a42b809f60b

Don't use checkSession in dispatchers - rather verify session directly
and allow the dispatcher to set its own access level. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3674 c91229c3-7414-0410-bfa2-8a42b809f60b
nbm
1 parent 79bf71aa
Showing 1 changed file with 36 additions and 2 deletions
lib/dispatcher.inc.php
@@ -59,19 +59,53 @@ class KTDispatcher {
 }
  
 class KTStandardDispatcher extends KTDispatcher {
+    var $bLogonRequired = true;
+    var $bAdminRequired = false;
+
     function permissionDenied () {
         print "Permission denied";
     }
  
     function dispatch () {
-        if (!checkSession()) {
-            exit($this->permissionDenied());
+        $session = new Session();
+        $sessionStatus = $session->verify($bDownload);
+
+        if ($bLogonRequired !== false) {
+            if (empty($_SESSION['userID'])) {
+                $this->permissionDenied();
+                exit(0);
+            }
         }
+
+        if ($bAdminRequired !== false) {
+            if (!Permission::userIsSystemAdministrator($_SESSION['userID'])) {
+                $this->permissionDenied();
+                exit(0);
+            }
+        }
+
+        if ($this->check() !== true) {
+            $this->permissionDenied();
+            exit(0);
+        }
+
         return parent::dispatch();
     }
+
+    function check() {
+        return true;
+    }
+
+    function handleOutput($data) {
+        global $main;
+        $main->bFormDisabled = true;
+        $main->setCentralPayload($data);
+        $main->render();
+    }
 }
  
 class KTAdminDispatcher extends KTStandardDispatcher {
+    var $bAdminRequired = true;
 }
  
 ?>