summaryrefslogtreecommitdiffstats
path: root/web/html/pkgbase.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 20:52:54 +0200
committerLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 22:56:57 +0200
commit03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/html/pkgbase.php
parent9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
downloadaur-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.gz
aur-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz
Rework permission handling
Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/html/pkgbase.php')
-rw-r--r--web/html/pkgbase.php31
1 files changed, 12 insertions, 19 deletions
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index cf2b774e..4f35a67a 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -32,13 +32,6 @@ if (!isset($base_id) || !isset($pkgbase_name)) {
/* Set the title to package base name. */
$title = $pkgbase_name;
-/* Retrieve account type. */
-if (isset($_COOKIE["AURSID"])) {
- $atype = account_from_sid($_COOKIE["AURSID"]);
-} else {
- $atype = "";
-}
-
/* Grab the list of package base IDs to be operated on. */
$ids = array();
if (isset($_POST['IDs'])) {
@@ -55,29 +48,29 @@ $ret = false;
$output = "";
if (check_token()) {
if (current_action("do_Flag")) {
- list($ret, $output) = pkgbase_flag($atype, $ids);
+ list($ret, $output) = pkgbase_flag($ids);
} elseif (current_action("do_UnFlag")) {
- list($ret, $output) = pkgbase_unflag($atype, $ids);
+ list($ret, $output) = pkgbase_unflag($ids);
} elseif (current_action("do_Adopt")) {
- list($ret, $output) = pkgbase_adopt($atype, $ids, true, NULL);
+ list($ret, $output) = pkgbase_adopt($ids, true, NULL);
} elseif (current_action("do_Disown")) {
$via = isset($_POST['via']) ? $_POST['via'] : NULL;
- list($ret, $output) = pkgbase_adopt($atype, $ids, false, $via);
+ list($ret, $output) = pkgbase_adopt($ids, false, $via);
} elseif (current_action("do_Vote")) {
- list($ret, $output) = pkgbase_vote($atype, $ids, true);
+ list($ret, $output) = pkgbase_vote($ids, true);
} elseif (current_action("do_UnVote")) {
- list($ret, $output) = pkgbase_vote($atype, $ids, false);
+ list($ret, $output) = pkgbase_vote($ids, false);
} elseif (current_action("do_Delete")) {
if (isset($_POST['confirm_Delete'])) {
$via = isset($_POST['via']) ? $_POST['via'] : NULL;
if (!isset($_POST['merge_Into']) || empty($_POST['merge_Into'])) {
- list($ret, $output) = pkgbase_delete($atype, $ids, NULL, $via);
+ list($ret, $output) = pkgbase_delete($ids, NULL, $via);
unset($_GET['ID']);
}
else {
$merge_base_id = pkgbase_from_name($_POST['merge_Into']);
if ($merge_base_id) {
- list($ret, $output) = pkgbase_delete($atype, $ids, $merge_base_id, $via);
+ list($ret, $output) = pkgbase_delete($ids, $merge_base_id, $via);
unset($_GET['ID']);
} else {
$output = __("Cannot find package to merge votes and comments into.");
@@ -90,13 +83,13 @@ if (check_token()) {
$ret = false;
}
} elseif (current_action("do_Notify")) {
- list($ret, $output) = pkgbase_notify($atype, $ids);
+ list($ret, $output) = pkgbase_notify($ids);
} elseif (current_action("do_UnNotify")) {
- list($ret, $output) = pkgbase_notify($atype, $ids, false);
+ list($ret, $output) = pkgbase_notify($ids, false);
} elseif (current_action("do_DeleteComment")) {
- list($ret, $output) = pkgbase_delete_comment($atype);
+ list($ret, $output) = pkgbase_delete_comment();
} elseif (current_action("do_ChangeCategory")) {
- list($ret, $output) = pkgbase_change_category($base_id, $atype);
+ list($ret, $output) = pkgbase_change_category($base_id);
} elseif (current_action("do_FileRequest")) {
list($ret, $output) = pkgreq_file($ids, $_POST['type'], $_POST['merge_into'], $_POST['comments']);
} elseif (current_action("do_CloseRequest")) {