From 03c6304e19d5d3ecd276dd3f42220db301ab511d Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 15 Jul 2014 20:52:54 +0200
Subject: Rework permission handling

Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/template/pkgbase_details.php | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

(limited to 'web/template/pkgbase_details.php')

diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php
index 64df72b2..fb11e60c 100644
--- a/web/template/pkgbase_details.php
+++ b/web/template/pkgbase_details.php
@@ -1,5 +1,4 @@
 <?php
-$atype = account_from_sid($SID);
 $uid = uid_from_sid($SID);
 
 $base_id = intval($row['ID']);
@@ -42,8 +41,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
 						<input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" />
 					</form>
 				</li>
-				<?php elseif (($row["OutOfDateTS"] !== NULL) &&
-				($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
+				<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
 				<li>
 					<form action="<?= get_pkgbase_uri($row['Name']) . 'unflag/'; ?>" method="post">
 						<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@@ -83,7 +81,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
 				<?php endif; ?>
 				<li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li>
 				<li><a href="<?= get_pkgbase_uri($row['Name']) . 'request/'; ?>"><?= __('File Request'); ?></a></li>
-				<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
+				<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
 				<li><a href="<?= get_pkgbase_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li>
 				<li><a href="<?= get_pkgbase_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li>
 				<?php endif; ?>
@@ -96,8 +94,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
 						<input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" />
 					</form>
 				</li>
-				<?php elseif ($uid && $uid == $row["MaintainerUID"] ||
-					$atype == "Trusted User" || $atype == "Developer"): ?>
+				<?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?>
 				<li>
 					<form action="<?= get_pkgbase_uri($row['Name']) . 'disown/'; ?>" method="post">
 						<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@@ -113,8 +110,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
 		<tr>
 			<th><?= __('Category') . ': ' ?></th>
 <?php
-if ($SID && ($uid == $row["MaintainerUID"] ||
-	($atype == "Developer" || $atype == "Trusted User"))):
+if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
 ?>
 			<td>
 				<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['Name']), ENT_QUOTES); ?>">
@@ -195,7 +191,7 @@ if ($row["PackagerUID"]):
 		</tr>
 		<tr>
 			<th><?= __('Votes') . ': ' ?></th>
-<?php if ($atype == "Developer" || $atype == "Trusted User"): ?>
+<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
 <?php if ($USE_VIRTUAL_URLS): ?>
 			<td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td>
 <?php else: ?>
-- 
cgit v1.2.3-24-g4f1b