summaryrefslogtreecommitdiffstats
path: root/web/template/header.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 20:52:54 +0200
committerLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 22:56:57 +0200
commit03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template/header.php
parent9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
downloadaurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz
Rework permission handling
Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/header.php')
-rw-r--r--web/template/header.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/web/template/header.php b/web/template/header.php
index 03ce536..d10b162 100644
--- a/web/template/header.php
+++ b/web/template/header.php
@@ -57,15 +57,15 @@
<li><a href="<?= get_uri('/packages/'); ?>"><?= __("Packages"); ?></a></li>
<?php if (isset($_COOKIE['AURSID'])): ?>
<li><a href="<?= get_uri('/packages/'); ?>?SeB=m&amp;K=<?= username_from_sid($_COOKIE["AURSID"]); ?>"><?= __("My Packages"); ?></a></li>
- <?php if (check_user_privileges()): ?>
+ <?php if (has_credential(CRED_PKGREQ_LIST)): ?>
<li><a href="<?= get_uri('/requests/') ; ?>"><?= __("Requests"); ?></a></li>
<?php endif; ?>
<li><a href="<?= get_uri('/submit/'); ?>"><?= __("Submit"); ?></a></li>
- <?php if (check_user_privileges()): ?>
+ <?php if (has_credential(CRED_ACCOUNT_SEARCH)): ?>
<li><a href="<?= get_uri('/accounts/') ; ?>"><?= __("Accounts"); ?></a></li>
<?php endif; ?>
<li><a href="<?= get_user_uri(username_from_sid($_COOKIE['AURSID'])) . 'edit/'; ?>"><?= __(" My Account"); ?></a></li>
- <?php if (check_user_privileges()): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?>
+ <?php if (has_credential(CRED_TU_LIST_VOTES)): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?>
<li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li>
<?php else: ?>
<li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li>