From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/template/account_edit_form.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'web/template/account_edit_form.php')

diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php
index 30b26fd..9a99e78 100644
--- a/web/template/account_edit_form.php
+++ b/web/template/account_edit_form.php
@@ -17,7 +17,7 @@
 		</p>
 		<?php
 		# Only TUs or Devs can promote/demote/suspend a user
-		if ($UTYPE == "Trusted User" || $UTYPE == "Developer"):
+		if (has_credential(CRED_ACCOUNT_CHANGE_TYPE)):
 		?>
 		<p>
 			<label for="id_type"><?= __("Account Type") ?>:</label>
@@ -32,10 +32,7 @@
 				<?php else: ?>
 				<option value="2"><?= __("Trusted user") ?></option>
 				<?php endif; ?>
-				<?php
-				# Only developers can make another account a developer
-				if ($UTYPE == "Developer"):
-				?>
+				<?php if (has_credential(CRED_ACCOUNT_EDIT_DEV)): ?>
 				<option value="3"
 				<?php $T == 3 ? print " selected=\"selected\">" : print ">";
 				print __("Developer")."\n"; ?>
-- 
cgit v1.2.3-70-g09d2