diff options
Diffstat (limited to 'web/lib/acctfuncs.inc.php')
-rw-r--r-- | web/lib/acctfuncs.inc.php | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 3fd23ae..81e06b6 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -1015,3 +1015,32 @@ function cast_proposal_vote($voteid, $uid, $vote, $newtotal, $dbh=NULL) { $q = "INSERT INTO TU_Votes (VoteID, UserID) VALUES (" . intval($voteid) . ", " . intval($uid) . ")"; $result = $dbh->exec($q); } + +/** + * Verify a user has the proper permissions to edit an account + * + * @param string $atype Account type of the editing user + * @param array $acctinfo User account information for edited account + * @param int $uid User ID of the editing user + * + * @return bool True if permission to edit the account, otherwise false + */ +function can_edit_account($atype, $acctinfo, $uid) { + /* Developers can edit any account */ + if ($atype == 'Developer') { + return true; + } + + /* Trusted Users can edit all accounts except Developer accounts */ + if ($atype == 'Trusted User' && + $acctinfo['AccountType'] != 'Developer') { + return true; + } + + /* Users can edit only their own account */ + if ($acctinfo['ID'] == $uid) { + return true; + } + + return false; +} |