author | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-15 20:52:54 +0200 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-15 22:56:57 +0200 |
commit | 03c6304e19d5d3ecd276dd3f42220db301ab511d (patch) | |
tree | 25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template | |
parent | 9e6b861b6f40a90363c402b4d26602f33964cf41 (diff) | |
download | aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz |
Rework permission handling
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template')
-rw-r--r-- | web/template/account_details.php | 4 | ||||
-rw-r--r-- | web/template/account_edit_form.php | 7 | ||||
-rw-r--r-- | web/template/account_search_results.php | 11 | ||||
-rw-r--r-- | web/template/actions_form.php | 5 | ||||
-rw-r--r-- | web/template/header.php | 6 | ||||
-rw-r--r-- | web/template/pkg_comments.php | 3 | ||||
-rw-r--r-- | web/template/pkg_details.php | 14 | ||||
-rw-r--r-- | web/template/pkg_search_results.php | 10 | ||||
-rw-r--r-- | web/template/pkgbase_details.php | 14 |
9 files changed, 26 insertions, 48 deletions
diff --git a/web/template/account_details.php b/web/template/account_details.php index a4e20c9..c4263d7 100644 --- a/web/template/account_details.php +++ b/web/template/account_details.php @@ -43,7 +43,7 @@ <?= $row["InactivityTS"] ? __("Inactive since") . ' ' . date("Y-m-d H:i", $row["InactivityTS"]) : __("Active"); ?> </td> </tr> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_ACCOUNT_LAST_LOGIN)): ?> <tr> <th><?= __("Last Login") . ":" ?></th> <td> @@ -55,7 +55,7 @@ <th>Links:</th> <td><ul> <li><a href="<?= get_uri('/packages/'); ?>?K=<?= $row['Username'] ?>&SeB=m"><?= __("View this user's packages") ?></a></li> - <?php if (can_edit_account($atype, $row, uid_from_sid($_COOKIE['AURSID']))): ?> + <?php if (can_edit_account($row)): ?> <li><a href="<?= get_user_uri($row['Username']); ?>edit"><?= __("Edit this user's account") ?></a></li> <?php endif; ?> </ul></td> diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php index 30b26fd..9a99e78 100644 --- a/web/template/account_edit_form.php +++ b/web/template/account_edit_form.php @@ -17,7 +17,7 @@ </p> <?php # Only TUs or Devs can promote/demote/suspend a user - if ($UTYPE == "Trusted User" || $UTYPE == "Developer"): + if (has_credential(CRED_ACCOUNT_CHANGE_TYPE)): ?> <p> <label for="id_type"><?= __("Account Type") ?>:</label> @@ -32,10 +32,7 @@ <?php else: ?> <option value="2"><?= __("Trusted user") ?></option> <?php endif; ?> - <?php - # Only developers can make another account a developer - if ($UTYPE == "Developer"): - ?> + <?php if (has_credential(CRED_ACCOUNT_EDIT_DEV)): ?> <option value="3" <?php $T == 3 ? print " selected=\"selected\">" : print ">"; print __("Developer")."\n"; ?> diff --git a/web/template/account_search_results.php b/web/template/account_search_results.php index bd4ee29..43f2d1d 100644 --- a/web/template/account_search_results.php +++ b/web/template/account_search_results.php 
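Review bot: In web/template/account_edit_form.php (hunk @@ -17,7), the retained comment `# Only TUs or Devs can promote/demote/suspend a user` still names the groups, while the condition below it now defers to `has_credential(CRED_ACCOUNT_CHANGE_TYPE)`. Once a group is added or the credential mapping changes, the comment will describe a policy that this template no longer decides. I would reword it to `# Account type can be changed only with CRED_ACCOUNT_CHANGE_TYPE`, in line with the next hunk, where the equivalent comment was dropped.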
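Review bot: Wrapping the `<option value="3">` entry in `has_credential(CRED_ACCOUNT_EDIT_DEV)` (account_edit_form.php, hunk @@ -32,10) only controls what is rendered; a client can still submit that account type in the form post. The handler that processes this form is outside this diff (the diffstat is limited to web/template), so please confirm it checks the same credential against the submitted type before writing it. The same applies to every control gated in this commit: the menu links in header.php, the do_Delete and merge controls in actions_form.php and pkg_search_results.php, and the unflag, disown, delete and category forms in pkg_details.php and pkgbase_details.php. A short comment next to the template check, e.g. `# Display only; the form handler must enforce CRED_ACCOUNT_EDIT_DEV`, would keep the two from drifting apart.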
@@ -42,13 +42,10 @@ else: <td><?php $row["IRCNick"] ? print htmlspecialchars($row["IRCNick"],ENT_QUOTES) : print " " ?></td> <td><?php $row["PGPKey"] ? print html_format_pgp_fingerprint($row["PGPKey"]) : print " " ?></td> <td> - <?php - if ($UTYPE == "Trusted User" && $row["AccountType"] == "Developer"): - # TUs can't edit devs - print " "; - else: - ?> - <a href="<?= get_user_uri($row["Username"]) . "edit/" ?>"><?= __("Edit") ?></a> + <?php if (can_edit_account($row)): ?> + <a href="<?= get_user_uri($row["Username"]) . "edit/" ?>"><?= __("Edit") ?></a> + <?php else: ?> + <?php endif; ?> </td> </tr> diff --git a/web/template/actions_form.php b/web/template/actions_form.php index a69e40d..389297b 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -20,12 +20,11 @@ <?php if ($row["OutOfDateTS"] === NULL): ?> <input type="submit" class="button" name="do_Flag" value="<?= __("Flag Out-of-date") ?>" /> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <input type="submit" class="button" name="do_UnFlag" value="<?= __("UnFlag Out-of-date") ?>" /> <?php endif; ?> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <input type="submit" class="button" name="do_Delete" value="<?= __("Delete Packages") ?>" /> <label for="merge_Into" ><?= __("Merge into") ?></label> <input type="text" id="merge_Into" name="merge_Into" /> diff --git a/web/template/header.php b/web/template/header.php index 03ce536..d10b162 100644 --- a/web/template/header.php +++ b/web/template/header.php 
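Review bot: The `merge_Into` input in actions_form.php (hunk @@ -20,12) sits inside the `has_credential(CRED_PKGBASE_DELETE)` block, so merging is tied to the delete credential and cannot be granted or revoked separately. The same coupling appears for the "Merge Package" link in pkg_details.php (@@ -108,7) and pkgbase_details.php (@@ -83,7), and for the merge field in pkg_search_results.php (@@ -119,13). If merge is meant to be its own permission, a dedicated credential constant (name to be chosen by the project) around the merge controls would express that; if it is intentionally the same permission, a comment such as `# Merging requires the delete credential` would record the decision. pkg_search_results.php also evaluates the same credential twice in one template; a local such as `$can_delete = has_credential(CRED_PKGBASE_DELETE);` would avoid repeating whatever lookup has_credential() performs.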
@@ -57,15 +57,15 @@ <li><a href="<?= get_uri('/packages/'); ?>"><?= __("Packages"); ?></a></li> <?php if (isset($_COOKIE['AURSID'])): ?> <li><a href="<?= get_uri('/packages/'); ?>?SeB=m&K=<?= username_from_sid($_COOKIE["AURSID"]); ?>"><?= __("My Packages"); ?></a></li> - <?php if (check_user_privileges()): ?> + <?php if (has_credential(CRED_PKGREQ_LIST)): ?> <li><a href="<?= get_uri('/requests/') ; ?>"><?= __("Requests"); ?></a></li> <?php endif; ?> <li><a href="<?= get_uri('/submit/'); ?>"><?= __("Submit"); ?></a></li> - <?php if (check_user_privileges()): ?> + <?php if (has_credential(CRED_ACCOUNT_SEARCH)): ?> <li><a href="<?= get_uri('/accounts/') ; ?>"><?= __("Accounts"); ?></a></li> <?php endif; ?> <li><a href="<?= get_user_uri(username_from_sid($_COOKIE['AURSID'])) . 'edit/'; ?>"><?= __(" My Account"); ?></a></li> - <?php if (check_user_privileges()): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?> + <?php if (has_credential(CRED_TU_LIST_VOTES)): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?> <li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li> <?php else: ?> <li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li> diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php index ca4abc6..20521a0 100644 --- a/web/template/pkg_comments.php +++ b/web/template/pkg_comments.php @@ -1,5 +1,4 @@ <?php -$uid = uid_from_sid($SID); $base_id = pkgbase_from_pkgid($row['ID']); $count = pkgbase_comments_count($base_id); ?> 
@@ -14,7 +13,7 @@ $count = pkgbase_comments_count($base_id); $row['UserName'] = "<a href=\"" . get_user_uri($row['UserName']) . "\">{$row['UserName']}</a>"; endif; ?> <h4> - <?php if (can_delete_comment_array($row, $atype, $uid)): ?> + <?php if (can_delete_comment_array($row)): ?> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>"> <fieldset style="display:inline;"> <input type="hidden" name="action" value="do_DeleteComment" /> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 6f39514..7f01d2f 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -1,5 +1,4 @@ <?php -$atype = account_from_sid($SID); $uid = uid_from_sid($SID); $pkgid = intval($row['ID']); @@ -67,8 +66,7 @@ $sources = pkg_sources($row["ID"]); <input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" /> </form> </li> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['BaseName']) . 'unflag/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> 
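Review bot: The `($row["OutOfDateTS"] !== NULL) &&` test in the new `elseif` (pkg_details.php, hunk @@ -67,8) looks redundant. In actions_form.php the same `elseif` directly follows `if ($row["OutOfDateTS"] === NULL)`; here the preceding branch is the flag form, whose condition starts outside the hunk, so this is inferred rather than visible. If it holds, the line reads better as `<?php elseif (has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>`. The same simplification would apply in actions_form.php (@@ -20,12) and pkgbase_details.php (@@ -42,8).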
@@ -108,7 +106,7 @@ $sources = pkg_sources($row["ID"]); <?php endif; ?> <li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li> <li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'request/'; ?>"><?= __('File Request'); ?></a></li> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> <li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> @@ -121,8 +119,7 @@ $sources = pkg_sources($row["ID"]); <input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" /> </form> </li> - <?php elseif ($uid && $uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer"): ?> + <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['BaseName']) . 'disown/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -150,8 +147,7 @@ $sources = pkg_sources($row["ID"]); <tr> <th><?= __('Category') . ': ' ?></th> <?php -if ($SID && ($uid == $row["MaintainerUID"] || - ($atype == "Developer" || $atype == "Trusted User"))): +if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): ?> <td> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['BaseName']), ENT_QUOTES); ?>"> @@ -312,7 +308,7 @@ if ($row["PackagerUID"]): </tr> <tr> <th><?= __('Votes') . ': ' ?></th> -<?php if ($atype == "Developer" || $atype == "Trusted User"): ?> +<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> <?php if ($USE_VIRTUAL_URLS): ?> <td><a href="<?= get_pkgbase_uri($row['BaseName']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> 
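Review bot: The old disown condition started with `$uid &&` and the old category condition with `$SID &&`; both guards are gone in the new `has_credential(..., array($row["MaintainerUID"]))` calls (pkg_details.php, hunks @@ -121,8 and @@ -150,8; pkgbase_details.php, @@ -96,8 and @@ -113,8). Rejecting a visitor without a session is therefore entirely has_credential()'s job, and its body is not part of this diff. If `MaintainerUID` can be NULL for an unmaintained package base, a loose comparison of an empty uid against it would match, so the function should return false when there is no valid session before it looks at the approved-user list. I would state that contract in its doc comment, e.g. `Returns false for visitors without a valid session, regardless of the approved-user list`, and cover it with a test that uses a NULL maintainer.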
diff --git a/web/template/pkg_search_results.php b/web/template/pkg_search_results.php index 75131fc..e901408 100644 --- a/web/template/pkg_search_results.php +++ b/web/template/pkg_search_results.php @@ -1,10 +1,4 @@ <?php -if (isset($_COOKIE['AURSID'])) { - $atype = account_from_sid($_COOKIE['AURSID']); -} else { - $atype = ""; -} - if (!$result): ?> <div class="box"><p><?= __("Error retrieving package list.") ?></p></div> <?php elseif ($total == 0): ?> @@ -119,13 +113,13 @@ if (!$result): ?> <option value="do_UnFlag"><?= __("Unflag Out-of-date") ?></option> <option value="do_Adopt"><?= __("Adopt Packages") ?></option> <option value="do_Disown"><?= __("Disown Packages") ?></option> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <option value="do_Delete"><?= __("Delete Packages") ?></option> <?php endif; ?> <option value="do_Notify"><?= __("Notify") ?></option> <option value="do_UnNotify"><?= __("UnNotify") ?></option> </select> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <label for="merge_Into"><?= __("Merge into") ?></label> <input type="text" id="merge_Into" name="merge_Into" /> <input type="checkbox" name="confirm_Delete" value="1" /> <?= __("Confirm") ?> diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php index 64df72b..fb11e60 100644 --- a/web/template/pkgbase_details.php +++ b/web/template/pkgbase_details.php @@ -1,5 +1,4 @@ <?php -$atype = account_from_sid($SID); $uid = uid_from_sid($SID); $base_id = intval($row['ID']); 
@@ -42,8 +41,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" /> </form> </li> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'unflag/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -83,7 +81,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <?php endif; ?> <li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'request/'; ?>"><?= __('File Request'); ?></a></li> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> @@ -96,8 +94,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" /> </form> </li> - <?php elseif ($uid && $uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer"): ?> + <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'disown/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> 
@@ -113,8 +110,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <tr> <th><?= __('Category') . ': ' ?></th> <?php -if ($SID && ($uid == $row["MaintainerUID"] || - ($atype == "Developer" || $atype == "Trusted User"))): +if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): ?> <td> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['Name']), ENT_QUOTES); ?>"> @@ -195,7 +191,7 @@ if ($row["PackagerUID"]): </tr> <tr> <th><?= __('Votes') . ': ' ?></th> -<?php if ($atype == "Developer" || $atype == "Trusted User"): ?> +<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> <?php if ($USE_VIRTUAL_URLS): ?> <td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> |