61 lines
1.9 KiB
PHP
61 lines
1.9 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @package Joomla.Administrator
|
|
* @subpackage com_config
|
|
*
|
|
* @copyright (C) 2023 Open Source Matters, Inc. <https://www.joomla.org>
|
|
* @license GNU General Public License version 2 or later; see LICENSE.txt
|
|
*/
|
|
|
|
namespace Joomla\Component\Config\Administrator\Dispatcher;
|
|
|
|
use Joomla\CMS\Access\Exception\NotAllowed;
|
|
use Joomla\CMS\Dispatcher\ComponentDispatcher;
|
|
use Joomla\Component\Config\Administrator\Helper\ConfigHelper;
|
|
|
|
// phpcs:disable PSR1.Files.SideEffects
|
|
\defined('_JEXEC') or die;
|
|
// phpcs:enable PSR1.Files.SideEffects
|
|
|
|
/**
|
|
* ComponentDispatcher class for com_config
|
|
*
|
|
* @since 4.2.9
|
|
*/
|
|
class Dispatcher extends ComponentDispatcher
|
|
{
|
|
/**
|
|
* Check if the user have the right access to the component config
|
|
*
|
|
* @return void
|
|
*
|
|
* @since 4.2.9
|
|
*
|
|
* @throws \Exception
|
|
*/
|
|
protected function checkAccess(): void
|
|
{
|
|
// sendtestmail and store do their own checks, so leave the method to handle the permission and send response itself
|
|
if (\in_array($this->input->getCmd('task'), ['application.sendtestmail', 'application.store'], true)) {
|
|
return;
|
|
}
|
|
|
|
$task = $this->input->getCmd('task', 'display');
|
|
$view = $this->input->getCmd('view');
|
|
$component = $this->input->getCmd('component');
|
|
|
|
if ($component && (substr($task, 0, 10) === 'component.' || $view === 'component')) {
|
|
// User is changing component settings, check if he has permission to do that
|
|
$canAccess = ConfigHelper::canChangeComponentConfig($component);
|
|
} else {
|
|
// For everything else, user is required to have global core.admin permission to perform action
|
|
$canAccess = $this->app->getIdentity()->authorise('core.admin');
|
|
}
|
|
|
|
if (!$canAccess) {
|
|
throw new NotAllowed($this->app->getLanguage()->_('JERROR_ALERTNOAUTHOR'), 403);
|
|
}
|
|
}
|
|
}
|