Rework permission handling

Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
author: Lukas Fleischer <archlinux@cryptocrack.de> 2014-07-15 20:52:54 +0200
committer: Lukas Fleischer <archlinux@cryptocrack.de> 2014-07-15 22:56:57 +0200
commit: 03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree: 25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/html/pkgmerge.php
parent: 9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
download: aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz
1 files changed, 1 insertions, 7 deletions
diff --git a/web/html/pkgmerge.php b/web/html/pkgmerge.php
index ba3f742..6a3b3c5 100644
--- a/web/html/pkgmerge.php
+++ b/web/html/pkgmerge.php
@@ -10,13 +10,7 @@ check_sid();
 
 html_header(__("Package Merging"));
 
-$atype = "";
-
-if (isset($_COOKIE["AURSID"])) {
-	$atype = account_from_sid($_COOKIE["AURSID"]);
-}
-
-if ($atype == "Trusted User" || $atype == "Developer"): ?>
+if (has_credential(CRED_PKGBASE_DELETE)): ?>
 <div class="box">
 	<h2><?= __('Merge Package: %s', htmlspecialchars($pkgbase_name)) ?></h2>
 	<p>
author	Lukas Fleischer <archlinux@cryptocrack.de>	2014-07-15 20:52:54 +0200
committer	Lukas Fleischer <archlinux@cryptocrack.de>	2014-07-15 22:56:57 +0200
commit	03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree	25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/html/pkgmerge.php
parent	9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
download	aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz