diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-15 20:52:54 +0200 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-15 22:56:57 +0200 |
| commit | 03c6304e19d5d3ecd276dd3f42220db301ab511d (patch) | |
| tree | 25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template/pkgbase_details.php | |
| parent | 9e6b861b6f40a90363c402b4d26602f33964cf41 (diff) | |
| download | aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz | |
Rework permission handling
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/pkgbase_details.php')
| -rw-r--r-- | web/template/pkgbase_details.php | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php index 64df72b..fb11e60 100644 --- a/web/template/pkgbase_details.php +++ b/web/template/pkgbase_details.php @@ -1,5 +1,4 @@ <?php -$atype = account_from_sid($SID); $uid = uid_from_sid($SID); $base_id = intval($row['ID']); @@ -42,8 +41,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" /> </form> </li> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'unflag/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -83,7 +81,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <?php endif; ?> <li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'request/'; ?>"><?= __('File Request'); ?></a></li> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> @@ -96,8 +94,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" /> </form> </li> - <?php elseif ($uid && $uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer"): ?> + <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'disown/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -113,8 +110,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <tr> <th><?= __('Category') . ': ' ?></th> <?php -if ($SID && ($uid == $row["MaintainerUID"] || - ($atype == "Developer" || $atype == "Trusted User"))): +if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): ?> <td> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['Name']), ENT_QUOTES); ?>"> @@ -195,7 +191,7 @@ if ($row["PackagerUID"]): </tr> <tr> <th><?= __('Votes') . ': ' ?></th> -<?php if ($atype == "Developer" || $atype == "Trusted User"): ?> +<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> <?php if ($USE_VIRTUAL_URLS): ?> <td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> |