From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/html/pkgmerge.php | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

(limited to 'web/html/pkgmerge.php')

diff --git a/web/html/pkgmerge.php b/web/html/pkgmerge.php
index ba3f742..6a3b3c5 100644
--- a/web/html/pkgmerge.php
+++ b/web/html/pkgmerge.php
@@ -10,13 +10,7 @@ check_sid();
 
 html_header(__("Package Merging"));
 
-$atype = "";
-
-if (isset($_COOKIE["AURSID"])) {
-	$atype = account_from_sid($_COOKIE["AURSID"]);
-}
-
-if ($atype == "Trusted User" || $atype == "Developer"): ?>
+if (has_credential(CRED_PKGBASE_DELETE)): ?>
 <div class="box">
 	<h2><?= __('Merge Package: %s', htmlspecialchars($pkgbase_name)) ?></h2>
 	<p>
-- 
cgit v1.2.3-70-g09d2