46 lines
960 B
PHP
46 lines
960 B
PHP
<?php
|
|
function start_app_session()
|
|
{
|
|
if (session_status() !== PHP_SESSION_ACTIVE) {
|
|
session_start();
|
|
}
|
|
}
|
|
|
|
function current_user_role()
|
|
{
|
|
start_app_session();
|
|
return $_SESSION['role'] ?? null;
|
|
}
|
|
|
|
function user_has_role(array $allowed_roles)
|
|
{
|
|
$role = current_user_role();
|
|
return $role !== null && in_array($role, $allowed_roles, true);
|
|
}
|
|
|
|
function require_roles_json(array $allowed_roles)
|
|
{
|
|
if (!user_has_role($allowed_roles)) {
|
|
http_response_code(401);
|
|
header('Content-Type: application/json');
|
|
echo json_encode([
|
|
"message" => "Akses ditolak. Silakan login dengan akun yang berwenang."
|
|
]);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
function require_write_access_json()
|
|
{
|
|
require_roles_json(['admin']);
|
|
}
|
|
|
|
function require_roles_page(array $allowed_roles, $login_path = 'login.php')
|
|
{
|
|
if (!user_has_role($allowed_roles)) {
|
|
header('Location: ' . $login_path);
|
|
exit;
|
|
}
|
|
}
|
|
?>
|