アクセス許可管理

blog/memberonly-post.md

@@ -0,0 +1,9 @@
+title: 【新機能】メンバー限定
+uuid: d49f60c7-6d85-4263-9d3f-c20025f2fa0d
+author: 諏訪子
+date: 2025-12-29 06:10:39
+thumbnail: 
+thumborient: center
+category: feature,memberonly
+----
+これを見れば、ログインしたユーザーという意味です。

blog/staffonly-post.md

@@ -0,0 +1,9 @@
+title: 【新機能】スタッフ限定
+uuid: 1c0ac334-a017-4813-9137-939b483c08eb
+author: 諏訪子
+date: 2025-12-29 06:13:38
+thumbnail: 
+thumborient: center
+category: feature,staffonly
+----
+これを見れば、おいらのニッガーという意味です。

newpost.php

@@ -2,6 +2,7 @@
 if (!isset($argv[1])) die('usage: php newpost.php [slug]');
 if (file_exists("blog/{$argv[1]}.md")) die("エラー： ファイル「blog/{$argv[1]}.md」は既に存在します。\n");
 
+define('CURL_ENABLED', false); // 黙れ・・・
 include('util.php');
 $post = fopen("blog/{$argv[1]}.md", "w");
 fwrite($post, "title: 【】\n");

src/Site/Controller/Atom.php

@@ -16,7 +16,7 @@ class Atom extends BlogPost {
   public function feed(array $params): void {
     try {
       // 最新の投稿を取得
-      $posts = $this->getPosts('/blog/');
+      $posts = $this->getPosts('/blog/', null);
       // 最新の5件に制限
       $posts = array_slice($posts, 0, 5);
       

src/Site/Controller/BlogPost.php

@@ -7,9 +7,11 @@ class BlogPost {
    * 
    * @return array 投稿の配列
    */
-  public function getPosts(string $section): array {
+  public function getPosts(string $section, ?\stdClass $user): array {
     $path = ROOT.$section;
     $posts = [];
+    $isMember = $user !== NULL;
+    $isStaff = $user !== NULL && $user->role === 1;
 
     if (!is_dir($path)) return $posts;
     $files = glob($path.'/*.md');
@@ -51,7 +53,7 @@ class BlogPost {
         'thumborient' => $metadata['thumborient'] ?? '',
         'category' => $metadata['category'] ?? [],
         'uuid' => $metadata['uuid'] ?? '',
-        'preview' => $preview,
+        'preview' => ((!$isMember && in_array('memberonly', $metadata['category'])) || (!$isStaff && in_array('staffonly', $metadata['category'])) ? '未許可' : $preview),
         'slug' => $slug,
       ];
     }

src/Site/Controller/Fediverse.php

@@ -86,7 +86,7 @@ class Fediverse extends BlogPost {
 
     try {
       header('Content-Type: application/activity+json');
-      $posts = $this->getPosts('/blog/');
+      $posts = $this->getPosts('/blog/', null);
       $ap = new Activitypub($posts);
       echo $ap->getActivity($uuid);
       exit;
@@ -104,7 +104,7 @@ class Fediverse extends BlogPost {
   public function apoutbox(array $params): void {
     try {
       header('Content-Type: application/activity+json');
-      $posts = $this->getPosts('/blog/');
+      $posts = $this->getPosts('/blog/', null);
       $ap = new Activitypub($posts);
       echo $ap->getOutbox();
       exit;

src/Site/Controller/Home.php

@@ -34,7 +34,11 @@ class Home extends BlogPost {
 
       $description = 'テクニカル諏訪子ちゃんの個人ブログ';
 
-      $posts = $this->getPosts('/blog/');
+      // ユーザー
+      $auth = new Auth();
+      $user = $auth->getLoggedInUser();
+
+      $posts = $this->getPosts('/blog/', $user);
       if (!is_array($posts)) $posts = [];
 
       // 検索機能が使用されている場合
@@ -57,11 +61,7 @@ class Home extends BlogPost {
         $postsPerPage
       );
 
-      // ユーザー
-      $auth = new Auth();
-      $user = $auth->getLoggedInUser();
       $tmpl->assign('user', $user);
-
       $tmpl->assign('currentPage', $page);
       $tmpl->assign('totalPages', $totalPages);
       $tmpl->assign('posts', $currentPosts);
@@ -113,6 +113,8 @@ class Home extends BlogPost {
       // ユーザー
       $auth = new Auth();
       $user = $auth->getLoggedInUser();
+      $isMember = $user !== NULL;
+      $isStaff = $user !== NULL && $user->role === 1;
       $tmpl->assign('user', $user);
 
       $tmpl->assign('pagetit', $pagetit);
@@ -130,10 +132,23 @@ class Home extends BlogPost {
         }
       }
 
+      if (!$isMember && in_array('memberonly', $meta->category)) goto denyaccess;
+      if (!$isStaff && in_array('staffonly', $meta->category)) goto denyaccess;
+
+showpage:
       $tmpl->addCss('news-article');
       $tmpl->addCss('search');
       $tmpl->addCss('blogtype');
       $tmpl->render('article');
+      exit();
+
+denyaccess:
+      unset($md, $meta, $pagetit, $article, $description);
+      $tmpl->assign('pagetit', 'Not found');
+      $tmpl->assign('curPage', '404');
+      $tmpl->assign('menu', $this->getMenu());
+      $tmpl->assign('description', '');
+      $tmpl->render('404');
     } catch (\Exception $e) {
       throw new \Exception($e->getMessage());
     }

src/Site/Controller/Mods.php

@@ -32,6 +32,20 @@ trait Mods {
         'text' => '秘密のページ',
         'show' => false,
       ],
+      [
+        'class' => 'menu-item',
+        'href' => '/memberonly',
+        'page' => 'memberonly',
+        'text' => 'メンバー限定',
+        'show' => true,
+      ],
+      [
+        'class' => 'menu-item',
+        'href' => '/staffonly',
+        'page' => 'staffonly',
+        'text' => 'スタッフ限定',
+        'show' => true,
+      ],
     ];
   }
 }

src/Site/Controller/Page.php

@@ -77,4 +77,54 @@ class Page {
       throw new \Exception($e->getMessage());
     }
   }
+
+  public function memberonly(array $params): void {
+    try {
+      $tmpl = new Template('/');
+      $pagetit = 'サインインしたユーザー限定';
+      $description = 'PHPフレームワークについて';
+
+      // ユーザー
+      $auth = new Auth();
+      $user = $auth->getLoggedInUser();
+
+      $tmpl->assign('user', $user);
+
+      $tmpl->assign('pagetit', $pagetit);
+      $tmpl->assign('curPage', 'memberonly');
+      $tmpl->assign('custCss', false);
+      $tmpl->assign('menu', $this->getMenu());
+      $tmpl->assign('description', $description);
+
+      if ($user && $user->role != -1) $tmpl->render('memberonly');
+      else $tmpl->render('nopermission');
+    } catch (\Exception $e) {
+      throw new \Exception($e->getMessage());
+    }
+  }
+
+  public function staffonly(array $params): void {
+    try {
+      $tmpl = new Template('/');
+      $pagetit = 'スタッフ限定';
+      $description = 'PHPフレームワークについて';
+
+      // ユーザー
+      $auth = new Auth();
+      $user = $auth->getLoggedInUser();
+
+      $tmpl->assign('user', $user);
+
+      $tmpl->assign('pagetit', $pagetit);
+      $tmpl->assign('curPage', 'staffonly');
+      $tmpl->assign('custCss', false);
+      $tmpl->assign('menu', $this->getMenu());
+      $tmpl->assign('description', $description);
+
+      if ($user && $user->role == 1) $tmpl->render('staffonly');
+      else $tmpl->render('nopermission');
+    } catch (\Exception $e) {
+      throw new \Exception($e->getMessage());
+    }
+  }
 }

src/Site/Test/LibActivitypub.php

@@ -50,7 +50,7 @@ if (ACTIVITYPUB_ENABLED) {
     
     $test->it('アクティビティを受け取れるはず', function($test): void {
       $blog = new BlogPost;
-      $posts = $blog->getPosts('/blog/');
+      $posts = $blog->getPosts('/blog/', null);
       $ap = new Activitypub($posts);
       $res = $ap->getActivity('a8c04518-4181-4ec6-9ef0-3f88f23b84b6'); // /blog/feature-test
       $test->assertNotNull($res);

view/memberonly.maron

@@ -0,0 +1,6 @@
+{@ include(common/header) @}
+      <h1 class="paragraph">メンバー限定</h1>
+      <p class="paragraph">
+        いらっしゃいませ、ご主人様！ ^^) _旦~~
+      </p>
+{@ include(common/footer) @}

view/nopermission.maron

@@ -0,0 +1,3 @@
+{@ include(common/header) @}
+      <p>表示許可却下。失礼。</p>
+{@ include(common/footer) @}

view/staffonly.maron

@@ -0,0 +1,6 @@
+{@ include(common/header) @}
+      <h1 class="paragraph">スタッフ限定</h1>
+      <p class="paragraph">
+        よろしくね、社員。(´・ω・｀)
+      </p>
+{@ include(common/footer) @}