WIP

pages/exec.php

@@ -97,4 +97,29 @@ if ($sTargetPage === false) {
 //
 // GO!
 //
+// check module white list
+// check conf param
+// force login if needed
+require_once(APPROOT.'/application/startup.inc.php');
+
+$aModuleDelegatedExecutionPolicy = GetModuleDelegatedExecutionPolicy($sModule);
+if (is_null($aModuleDelegatedExecutionPolicy) || !in_array($sPage, $aModuleDelegatedExecutionPolicy)) {
+	$bForceLoginWhenNoExecutionPolicy = MetaModel::GetConfig()->Get('security.force_login_when_no_execution_policy');
+	// TODO in N°9343 : remove the conf and this 'if' condition to perform login by default when no execution policy is defined
+	LoginWebPage::DoLoginEx();
+}
+if (is_array($aModuleDelegatedExecutionPolicy) && !in_array($sPage, $aModuleDelegatedExecutionPolicy)) {
+	// if module defined a delegated execution policy but not for the current page, we consider that the page is not allowed to be executed without login
+	LoginWebPage::DoLoginEx();
+}
+
 require_once($sTargetPage);
+
+function GetModuleDelegatedExecutionPolicy(string $sModuleName): ?array
+{
+	$sModuleFile =  APPROOT.'/env-'.utils::GetCurrentEnvironment().'/'.$sModuleName.'/module.'.$sModuleName.'.php';
+
+	$oExtensionMap = new iTopExtensionsMap();
+	$aModuleParam = $oExtensionMap->GetModuleInfo($sModuleFile)[2];
+	return $aModuleParam['execution_policy'] ?? null;
+}