From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/lib/aur.inc.php | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

(limited to 'web/lib/aur.inc.php')

diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 7fa792bb..82730bb5 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -16,6 +16,7 @@ include_once("routing.inc.php");
 include_once("version.inc.php");
 include_once("acctfuncs.inc.php");
 include_once("cachefuncs.inc.php");
+include_once("credentials.inc.php");
 
 /**
  * Check if a visitor is logged in
@@ -406,16 +407,6 @@ function uid_from_email($email) {
 	return $row[0];
 }
 
-/**
- * Determine if a user has TU or Developer privileges
- *
- * @return bool Return true if the user is a TU or developer, otherwise false
- */
-function check_user_privileges() {
-	$type = account_from_sid($_COOKIE['AURSID']);
-	return ($type == 'Trusted User' || $type == 'Developer');
-}
-
 /**
  * Generate clean url with edited/added user values
  *
-- 
cgit v1.2.3-24-g4f1b