From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/template/pkg_details.php | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

(limited to 'web/template/pkg_details.php')

diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
index 6f39514..7f01d2f 100644
--- a/web/template/pkg_details.php
+++ b/web/template/pkg_details.php
@@ -1,5 +1,4 @@
 <?php
-$atype = account_from_sid($SID);
 $uid = uid_from_sid($SID);
 
 $pkgid = intval($row['ID']);
@@ -67,8 +66,7 @@ $sources = pkg_sources($row["ID"]);
 						<input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" />
 					</form>
 				</li>
-				<?php elseif (($row["OutOfDateTS"] !== NULL) &&
-				($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
+				<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
 				<li>
 					<form action="<?= get_pkgbase_uri($row['BaseName']) . 'unflag/'; ?>" method="post">
 						<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@@ -108,7 +106,7 @@ $sources = pkg_sources($row["ID"]);
 				<?php endif; ?>
 				<li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li>
 				<li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'request/'; ?>"><?= __('File Request'); ?></a></li>
-				<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
+				<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
 				<li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li>
 				<li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li>
 				<?php endif; ?>
@@ -121,8 +119,7 @@ $sources = pkg_sources($row["ID"]);
 						<input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" />
 					</form>
 				</li>
-				<?php elseif ($uid && $uid == $row["MaintainerUID"] ||
-					$atype == "Trusted User" || $atype == "Developer"): ?>
+				<?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?>
 				<li>
 					<form action="<?= get_pkgbase_uri($row['BaseName']) . 'disown/'; ?>" method="post">
 						<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@@ -150,8 +147,7 @@ $sources = pkg_sources($row["ID"]);
 		<tr>
 			<th><?= __('Category') . ': ' ?></th>
 <?php
-if ($SID && ($uid == $row["MaintainerUID"] ||
-	($atype == "Developer" || $atype == "Trusted User"))):
+if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
 ?>
 			<td>
 				<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['BaseName']), ENT_QUOTES); ?>">
@@ -312,7 +308,7 @@ if ($row["PackagerUID"]):
 		</tr>
 		<tr>
 			<th><?= __('Votes') . ': ' ?></th>
-<?php if ($atype == "Developer" || $atype == "Trusted User"): ?>
+<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
 <?php if ($USE_VIRTUAL_URLS): ?>
 			<td><a href="<?= get_pkgbase_uri($row['BaseName']); ?>voters/"><?= $votes ?></a></td>
 <?php else: ?>
-- 
cgit v1.2.3-70-g09d2