Rework permission handling

Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
author: Lukas Fleischer <archlinux@cryptocrack.de> 2014-07-15 20:52:54 +0200
committer: Lukas Fleischer <archlinux@cryptocrack.de> 2014-07-15 22:56:57 +0200
commit: 03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree: 25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template/pkg_comments.php
parent: 9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
download: aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz
1 files changed, 1 insertions, 2 deletions
diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php
index ca4abc6..20521a0 100644
--- a/web/template/pkg_comments.php
+++ b/web/template/pkg_comments.php
@@ -1,5 +1,4 @@
 <?php
-$uid = uid_from_sid($SID);
 $base_id = pkgbase_from_pkgid($row['ID']);
 $count = pkgbase_comments_count($base_id);
 ?>
@@ -14,7 +13,7 @@ $count = pkgbase_comments_count($base_id);
 			$row['UserName'] = "<a href=\"" . get_user_uri($row['UserName']) . "\">{$row['UserName']}</a>";
 		endif; ?>
 		<h4>
-			<?php if (can_delete_comment_array($row, $atype, $uid)): ?>
+			<?php if (can_delete_comment_array($row)): ?>
 				<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>">
 					<fieldset style="display:inline;">
 						<input type="hidden" name="action" value="do_DeleteComment" />
author	Lukas Fleischer <archlinux@cryptocrack.de>	2014-07-15 20:52:54 +0200
committer	Lukas Fleischer <archlinux@cryptocrack.de>	2014-07-15 22:56:57 +0200
commit	03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree	25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template/pkg_comments.php
parent	9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
download	aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz