From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/template/account_details.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'web/template/account_details.php')

diff --git a/web/template/account_details.php b/web/template/account_details.php
index a4e20c9..c4263d7 100644
--- a/web/template/account_details.php
+++ b/web/template/account_details.php
@@ -43,7 +43,7 @@
 					<?= $row["InactivityTS"] ? __("Inactive since") . ' ' . date("Y-m-d H:i", $row["InactivityTS"]) : __("Active"); ?>
 					</td>
 				</tr>
-				<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
+				<?php if (has_credential(CRED_ACCOUNT_LAST_LOGIN)): ?>
 				<tr>
 					<th><?= __("Last Login") . ":" ?></th>
 					<td>
@@ -55,7 +55,7 @@
 					<th>Links:</th>
 					<td><ul>
 						<li><a href="<?= get_uri('/packages/'); ?>?K=<?= $row['Username'] ?>&amp;SeB=m"><?= __("View this user's packages") ?></a></li>
-					<?php if (can_edit_account($atype, $row, uid_from_sid($_COOKIE['AURSID']))): ?>
+					<?php if (can_edit_account($row)): ?>
 						<li><a href="<?= get_user_uri($row['Username']); ?>edit"><?= __("Edit this user's account") ?></a></li>
 					<?php endif; ?>
 					</ul></td>
-- 
cgit v1.2.3-70-g09d2