diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-15 20:52:54 +0200 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-07-15 22:56:57 +0200 |
| commit | 03c6304e19d5d3ecd276dd3f42220db301ab511d (patch) | |
| tree | 25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template | |
| parent | 9e6b861b6f40a90363c402b4d26602f33964cf41 (diff) | |
| download | aurweb-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz | |
Rework permission handling
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template')
| -rw-r--r-- | web/template/account_details.php | 4 | ||||
| -rw-r--r-- | web/template/account_edit_form.php | 7 | ||||
| -rw-r--r-- | web/template/account_search_results.php | 11 | ||||
| -rw-r--r-- | web/template/actions_form.php | 5 | ||||
| -rw-r--r-- | web/template/header.php | 6 | ||||
| -rw-r--r-- | web/template/pkg_comments.php | 3 | ||||
| -rw-r--r-- | web/template/pkg_details.php | 14 | ||||
| -rw-r--r-- | web/template/pkg_search_results.php | 10 | ||||
| -rw-r--r-- | web/template/pkgbase_details.php | 14 |
9 files changed, 26 insertions, 48 deletions
diff --git a/web/template/account_details.php b/web/template/account_details.php index a4e20c9..c4263d7 100644 --- a/web/template/account_details.php +++ b/web/template/account_details.php @@ -43,7 +43,7 @@ <?= $row["InactivityTS"] ? __("Inactive since") . ' ' . date("Y-m-d H:i", $row["InactivityTS"]) : __("Active"); ?> </td> </tr> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_ACCOUNT_LAST_LOGIN)): ?> <tr> <th><?= __("Last Login") . ":" ?></th> <td> @@ -55,7 +55,7 @@ <th>Links:</th> <td><ul> <li><a href="<?= get_uri('/packages/'); ?>?K=<?= $row['Username'] ?>&SeB=m"><?= __("View this user's packages") ?></a></li> - <?php if (can_edit_account($atype, $row, uid_from_sid($_COOKIE['AURSID']))): ?> + <?php if (can_edit_account($row)): ?> <li><a href="<?= get_user_uri($row['Username']); ?>edit"><?= __("Edit this user's account") ?></a></li> <?php endif; ?> </ul></td> diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php index 30b26fd..9a99e78 100644 --- a/web/template/account_edit_form.php +++ b/web/template/account_edit_form.php @@ -17,7 +17,7 @@ </p> <?php # Only TUs or Devs can promote/demote/suspend a user - if ($UTYPE == "Trusted User" || $UTYPE == "Developer"): + if (has_credential(CRED_ACCOUNT_CHANGE_TYPE)): ?> <p> <label for="id_type"><?= __("Account Type") ?>:</label> @@ -32,10 +32,7 @@ <?php else: ?> <option value="2"><?= __("Trusted user") ?></option> <?php endif; ?> - <?php - # Only developers can make another account a developer - if ($UTYPE == "Developer"): - ?> + <?php if (has_credential(CRED_ACCOUNT_EDIT_DEV)): ?> <option value="3" <?php $T == 3 ? print " selected=\"selected\">" : print ">"; print __("Developer")."\n"; ?> diff --git a/web/template/account_search_results.php b/web/template/account_search_results.php index bd4ee29..43f2d1d 100644 --- a/web/template/account_search_results.php +++ b/web/template/account_search_results.php @@ -42,13 +42,10 @@ else: <td><?php $row["IRCNick"] ? print htmlspecialchars($row["IRCNick"],ENT_QUOTES) : print " " ?></td> <td><?php $row["PGPKey"] ? print html_format_pgp_fingerprint($row["PGPKey"]) : print " " ?></td> <td> - <?php - if ($UTYPE == "Trusted User" && $row["AccountType"] == "Developer"): - # TUs can't edit devs - print " "; - else: - ?> - <a href="<?= get_user_uri($row["Username"]) . "edit/" ?>"><?= __("Edit") ?></a> + <?php if (can_edit_account($row)): ?> + <a href="<?= get_user_uri($row["Username"]) . "edit/" ?>"><?= __("Edit") ?></a> + <?php else: ?> + <?php endif; ?> </td> </tr> diff --git a/web/template/actions_form.php b/web/template/actions_form.php index a69e40d..389297b 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -20,12 +20,11 @@ <?php if ($row["OutOfDateTS"] === NULL): ?> <input type="submit" class="button" name="do_Flag" value="<?= __("Flag Out-of-date") ?>" /> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <input type="submit" class="button" name="do_UnFlag" value="<?= __("UnFlag Out-of-date") ?>" /> <?php endif; ?> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <input type="submit" class="button" name="do_Delete" value="<?= __("Delete Packages") ?>" /> <label for="merge_Into" ><?= __("Merge into") ?></label> <input type="text" id="merge_Into" name="merge_Into" /> diff --git a/web/template/header.php b/web/template/header.php index 03ce536..d10b162 100644 --- a/web/template/header.php +++ b/web/template/header.php @@ -57,15 +57,15 @@ <li><a href="<?= get_uri('/packages/'); ?>"><?= __("Packages"); ?></a></li> <?php if (isset($_COOKIE['AURSID'])): ?> <li><a href="<?= get_uri('/packages/'); ?>?SeB=m&K=<?= username_from_sid($_COOKIE["AURSID"]); ?>"><?= __("My Packages"); ?></a></li> - <?php if (check_user_privileges()): ?> + <?php if (has_credential(CRED_PKGREQ_LIST)): ?> <li><a href="<?= get_uri('/requests/') ; ?>"><?= __("Requests"); ?></a></li> <?php endif; ?> <li><a href="<?= get_uri('/submit/'); ?>"><?= __("Submit"); ?></a></li> - <?php if (check_user_privileges()): ?> + <?php if (has_credential(CRED_ACCOUNT_SEARCH)): ?> <li><a href="<?= get_uri('/accounts/') ; ?>"><?= __("Accounts"); ?></a></li> <?php endif; ?> <li><a href="<?= get_user_uri(username_from_sid($_COOKIE['AURSID'])) . 'edit/'; ?>"><?= __(" My Account"); ?></a></li> - <?php if (check_user_privileges()): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?> + <?php if (has_credential(CRED_TU_LIST_VOTES)): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?> <li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li> <?php else: ?> <li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li> diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php index ca4abc6..20521a0 100644 --- a/web/template/pkg_comments.php +++ b/web/template/pkg_comments.php @@ -1,5 +1,4 @@ <?php -$uid = uid_from_sid($SID); $base_id = pkgbase_from_pkgid($row['ID']); $count = pkgbase_comments_count($base_id); ?> @@ -14,7 +13,7 @@ $count = pkgbase_comments_count($base_id); $row['UserName'] = "<a href=\"" . get_user_uri($row['UserName']) . "\">{$row['UserName']}</a>"; endif; ?> <h4> - <?php if (can_delete_comment_array($row, $atype, $uid)): ?> + <?php if (can_delete_comment_array($row)): ?> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>"> <fieldset style="display:inline;"> <input type="hidden" name="action" value="do_DeleteComment" /> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 6f39514..7f01d2f 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -1,5 +1,4 @@ <?php -$atype = account_from_sid($SID); $uid = uid_from_sid($SID); $pkgid = intval($row['ID']); @@ -67,8 +66,7 @@ $sources = pkg_sources($row["ID"]); <input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" /> </form> </li> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['BaseName']) . 'unflag/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -108,7 +106,7 @@ $sources = pkg_sources($row["ID"]); <?php endif; ?> <li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li> <li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'request/'; ?>"><?= __('File Request'); ?></a></li> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> <li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> @@ -121,8 +119,7 @@ $sources = pkg_sources($row["ID"]); <input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" /> </form> </li> - <?php elseif ($uid && $uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer"): ?> + <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['BaseName']) . 'disown/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -150,8 +147,7 @@ $sources = pkg_sources($row["ID"]); <tr> <th><?= __('Category') . ': ' ?></th> <?php -if ($SID && ($uid == $row["MaintainerUID"] || - ($atype == "Developer" || $atype == "Trusted User"))): +if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): ?> <td> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['BaseName']), ENT_QUOTES); ?>"> @@ -312,7 +308,7 @@ if ($row["PackagerUID"]): </tr> <tr> <th><?= __('Votes') . ': ' ?></th> -<?php if ($atype == "Developer" || $atype == "Trusted User"): ?> +<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> <?php if ($USE_VIRTUAL_URLS): ?> <td><a href="<?= get_pkgbase_uri($row['BaseName']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> diff --git a/web/template/pkg_search_results.php b/web/template/pkg_search_results.php index 75131fc..e901408 100644 --- a/web/template/pkg_search_results.php +++ b/web/template/pkg_search_results.php @@ -1,10 +1,4 @@ <?php -if (isset($_COOKIE['AURSID'])) { - $atype = account_from_sid($_COOKIE['AURSID']); -} else { - $atype = ""; -} - if (!$result): ?> <div class="box"><p><?= __("Error retrieving package list.") ?></p></div> <?php elseif ($total == 0): ?> @@ -119,13 +113,13 @@ if (!$result): ?> <option value="do_UnFlag"><?= __("Unflag Out-of-date") ?></option> <option value="do_Adopt"><?= __("Adopt Packages") ?></option> <option value="do_Disown"><?= __("Disown Packages") ?></option> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <option value="do_Delete"><?= __("Delete Packages") ?></option> <?php endif; ?> <option value="do_Notify"><?= __("Notify") ?></option> <option value="do_UnNotify"><?= __("UnNotify") ?></option> </select> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <label for="merge_Into"><?= __("Merge into") ?></label> <input type="text" id="merge_Into" name="merge_Into" /> <input type="checkbox" name="confirm_Delete" value="1" /> <?= __("Confirm") ?> diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php index 64df72b..fb11e60 100644 --- a/web/template/pkgbase_details.php +++ b/web/template/pkgbase_details.php @@ -1,5 +1,4 @@ <?php -$atype = account_from_sid($SID); $uid = uid_from_sid($SID); $base_id = intval($row['ID']); @@ -42,8 +41,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" /> </form> </li> - <?php elseif (($row["OutOfDateTS"] !== NULL) && - ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'unflag/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -83,7 +81,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <?php endif; ?> <li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'request/'; ?>"><?= __('File Request'); ?></a></li> - <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <?php if (has_credential(CRED_PKGBASE_DELETE)): ?> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> <li><a href="<?= get_pkgbase_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> @@ -96,8 +94,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" /> </form> </li> - <?php elseif ($uid && $uid == $row["MaintainerUID"] || - $atype == "Trusted User" || $atype == "Developer"): ?> + <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'disown/'; ?>" method="post"> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> @@ -113,8 +110,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <tr> <th><?= __('Category') . ': ' ?></th> <?php -if ($SID && ($uid == $row["MaintainerUID"] || - ($atype == "Developer" || $atype == "Trusted User"))): +if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): ?> <td> <form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['Name']), ENT_QUOTES); ?>"> @@ -195,7 +191,7 @@ if ($row["PackagerUID"]): </tr> <tr> <th><?= __('Votes') . ': ' ?></th> -<?php if ($atype == "Developer" || $atype == "Trusted User"): ?> +<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> <?php if ($USE_VIRTUAL_URLS): ?> <td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> |