Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>

1 files changed, 3 insertions, 3 deletions

diff --git a/web/template/header.php b/web/template/header.php
index 03ce536c..d10b1623 100644
--- a/web/template/header.php
+++ b/web/template/header.php
@@ -57,15 +57,15 @@
 					<li><a href="<?= get_uri('/packages/'); ?>"><?= __("Packages"); ?></a></li>
 					<?php if (isset($_COOKIE['AURSID'])): ?>
 						<li><a href="<?= get_uri('/packages/'); ?>?SeB=m&amp;K=<?= username_from_sid($_COOKIE["AURSID"]); ?>"><?= __("My Packages"); ?></a></li>
-						<?php if (check_user_privileges()): ?>
+						<?php if (has_credential(CRED_PKGREQ_LIST)): ?>
 						<li><a href="<?= get_uri('/requests/') ; ?>"><?= __("Requests"); ?></a></li>
 						<?php endif; ?>
 						<li><a href="<?= get_uri('/submit/'); ?>"><?= __("Submit"); ?></a></li>
-						<?php if (check_user_privileges()): ?>
+						<?php if (has_credential(CRED_ACCOUNT_SEARCH)): ?>
 						<li><a href="<?= get_uri('/accounts/') ; ?>"><?= __("Accounts"); ?></a></li>
 						<?php endif; ?>
 						<li><a href="<?= get_user_uri(username_from_sid($_COOKIE['AURSID'])) . 'edit/'; ?>"><?= __(" My Account"); ?></a></li>
-						<?php if (check_user_privileges()): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?>
+						<?php if (has_credential(CRED_TU_LIST_VOTES)): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?>
 						<li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li>
 					<?php else: ?>
 						<li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li>