Diffstat (limited to 'main/app/sprinkles/core/src/Controller')
-rw-r--r--main/app/sprinkles/core/src/Controller/CoreController.php10
1 files changed, 8 insertions, 2 deletions
diff --git a/main/app/sprinkles/core/src/Controller/CoreController.php b/main/app/sprinkles/core/src/Controller/CoreController.php
index be88b47..b4d0f83 100644
--- a/main/app/sprinkles/core/src/Controller/CoreController.php
+++ b/main/app/sprinkles/core/src/Controller/CoreController.php
@@ -8,9 +8,8 @@
namespace UserFrosting\Sprinkle\Core\Controller;
-use Psr\Http\Message\ServerRequestInterface as Request;
-use Psr\Http\Message\ResponseInterface as Response;
use Slim\Exception\NotFoundException as NotFoundException;
+use UserFrosting\Support\Exception\ForbiddenException;
use Illuminate\Database\Capsule\Manager as DB;
/**
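Review bot: Dropping the `Request` and `Response` aliases is only safe if no method in this class still type-hints them, and the method signatures are outside this hunk. PHP resolves an unimported `Request` against the current namespace and fails only when the method is called, so a leftover hint would surface as a runtime TypeError rather than at load time. It is worth grepping the file for `Request $` and `Response $` before merging.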
@@ -40,6 +39,13 @@ class CoreController extends SimpleController
->orderBy('Created')
->get();
+ // AUTHORIZATION - ONLY FOR ADMINS RIGHT KNOW (BUILD PROCESS)
+ $authorizer = $this->ci->authorizer;
+ $currentUser = $this->ci->currentUser;
+ if (!$authorizer->checkAccess($currentUser, 'update_site_config')) {
+ throw new ForbiddenException();
+ }
+
return $this->ci->view->render($response, 'pages/index.html.twig', [
'friends' => $friends,
'FeedImages' => $FeedImages
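Review bot: The access check sits after the query that ends in `->get()`, so a request that fails `checkAccess` has already triggered the database reads before `ForbiddenException` is thrown; the added block belongs at the top of the method, before any query is built (the method starts outside this hunk, so confirm nothing earlier has side effects either). The gate also borrows the `update_site_config` permission as a stand-in for "admin", which ties page visibility to an unrelated privilege: anyone later granted that permission gains the page, and lifting the temporary lock depends on someone remembering the borrowed slug. A dedicated permission for this page would keep the intent auditable. The comment should read `// AUTHORIZATION - ONLY FOR ADMINS RIGHT NOW (BUILD PROCESS)` and would be clearer with a TODO stating when the restriction is meant to be removed.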