summaryrefslogtreecommitdiffstats
path: root/web/template/pkgbase_details.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 20:52:54 +0200
committerLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 22:56:57 +0200
commit03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/template/pkgbase_details.php
parent9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
downloadaur-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.gz
aur-03c6304e19d5d3ecd276dd3f42220db301ab511d.tar.xz
Rework permission handling
Add a new function has_credential() that checks whether the currently logged in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/pkgbase_details.php')
-rw-r--r--web/template/pkgbase_details.php14
1 files changed, 5 insertions, 9 deletions
diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php
index 64df72b2..fb11e60c 100644
--- a/web/template/pkgbase_details.php
+++ b/web/template/pkgbase_details.php
@@ -1,5 +1,4 @@
<?php
-$atype = account_from_sid($SID);
$uid = uid_from_sid($SID);
$base_id = intval($row['ID']);
@@ -42,8 +41,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" />
</form>
</li>
- <?php elseif (($row["OutOfDateTS"] !== NULL) &&
- ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
+ <?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
<li>
<form action="<?= get_pkgbase_uri($row['Name']) . 'unflag/'; ?>" method="post">
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@@ -83,7 +81,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<?php endif; ?>
<li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li>
<li><a href="<?= get_pkgbase_uri($row['Name']) . 'request/'; ?>"><?= __('File Request'); ?></a></li>
- <?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
+ <?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<li><a href="<?= get_pkgbase_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li>
<li><a href="<?= get_pkgbase_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li>
<?php endif; ?>
@@ -96,8 +94,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" />
</form>
</li>
- <?php elseif ($uid && $uid == $row["MaintainerUID"] ||
- $atype == "Trusted User" || $atype == "Developer"): ?>
+ <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?>
<li>
<form action="<?= get_pkgbase_uri($row['Name']) . 'disown/'; ?>" method="post">
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@@ -113,8 +110,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<tr>
<th><?= __('Category') . ': ' ?></th>
<?php
-if ($SID && ($uid == $row["MaintainerUID"] ||
- ($atype == "Developer" || $atype == "Trusted User"))):
+if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
?>
<td>
<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['Name']), ENT_QUOTES); ?>">
@@ -195,7 +191,7 @@ if ($row["PackagerUID"]):
</tr>
<tr>
<th><?= __('Votes') . ': ' ?></th>
-<?php if ($atype == "Developer" || $atype == "Trusted User"): ?>
+<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
<?php if ($USE_VIRTUAL_URLS): ?>
<td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td>
<?php else: ?>