From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/template/pkg_search_results.php | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'web/template/pkg_search_results.php')

diff --git a/web/template/pkg_search_results.php b/web/template/pkg_search_results.php
index 75131fc..e901408 100644
--- a/web/template/pkg_search_results.php
+++ b/web/template/pkg_search_results.php
@@ -1,10 +1,4 @@
 <?php
-if (isset($_COOKIE['AURSID'])) {
-	$atype = account_from_sid($_COOKIE['AURSID']);
-} else {
-	$atype = "";
-}
-
 if (!$result): ?>
 	<div class="box"><p><?= __("Error retrieving package list.") ?></p></div>
 <?php elseif ($total == 0): ?>
@@ -119,13 +113,13 @@ if (!$result): ?>
 						<option value="do_UnFlag"><?= __("Unflag Out-of-date") ?></option>
 						<option value="do_Adopt"><?= __("Adopt Packages") ?></option>
 						<option value="do_Disown"><?= __("Disown Packages") ?></option>
-						<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
+						<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
 						<option value="do_Delete"><?= __("Delete Packages") ?></option>
 						<?php endif; ?>
 						<option value="do_Notify"><?= __("Notify") ?></option>
 						<option value="do_UnNotify"><?= __("UnNotify") ?></option>
 					</select>
-					<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
+					<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
 						<label for="merge_Into"><?= __("Merge into") ?></label>
 						<input type="text" id="merge_Into" name="merge_Into" />
 						<input type="checkbox" name="confirm_Delete" value="1" /> <?= __("Confirm") ?>
-- 
cgit v1.2.3-54-g00ecf