first commit

1 files changed, 55 insertions, 0 deletions

diff --git a/public/admin/controller/startup/permission.php b/public/admin/controller/startup/permission.php
new file mode 100644
index 0000000..e73e504
--- /dev/null
+++ b/public/admin/controller/startup/permission.php
@@ -0,0 +1,55 @@
+<?php
+class ControllerStartupPermission extends Controller {
+	public function index() {
+		if (isset($this->request->get['route'])) {
+			$route = '';
+
+			$part = explode('/', $this->request->get['route']);
+
+			if (isset($part[0])) {
+				$route .= $part[0];
+			}
+
+			if (isset($part[1])) {
+				$route .= '/' . $part[1];
+			}
+
+			// If a 3rd part is found we need to check if its under one of the extension folders.
+			$extension = array(
+				'extension/advertise',
+				'extension/dashboard',
+				'extension/analytics',
+				'extension/captcha',
+				'extension/extension',
+				'extension/feed',
+				'extension/fraud',
+				'extension/module',
+				'extension/payment',
+				'extension/shipping',
+				'extension/theme',
+				'extension/total',
+				'extension/report',
+                'extension/openbay'
+			);
+
+			if (isset($part[2]) && in_array($route, $extension)) {
+				$route .= '/' . $part[2];
+			}
+
+			// We want to ingore some pages from having its permission checked.
+			$ignore = array(
+				'common/dashboard',
+				'common/login',
+				'common/logout',
+				'common/forgotten',
+				'common/reset',
+				'error/not_found',
+				'error/permission'
+			);
+
+			if (!in_array($route, $ignore) && !$this->user->hasPermission('access', $route)) {
+				return new Action('error/permission');
+			}
+		}
+	}
+}