external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Rework permission handling

Browse source 
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2014-07-15 20:52:54 +02:00
parent 9e6b861b6f
commit 03c6304e19
24 changed files with 187 additions and 237 deletions
Download patch file Download diff file Expand all files Collapse all files

4
web/template/account_details.php
View file

@ -43,7 +43,7 @@
<?= $row["InactivityTS"] ? __("Inactive since") . ' ' . date("Y-m-d H:i", $row["InactivityTS"]) : __("Active"); ?>
</td>
</tr>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_ACCOUNT_LAST_LOGIN)): ?>
<tr>
<th><?= __("Last Login") . ":" ?></th>
<td>
@ -55,7 +55,7 @@
<th>Links:</th>
<td><ul>
<li><a href="<?= get_uri('/packages/'); ?>?K=<?= $row['Username'] ?>&amp;SeB=m"><?= __("View this user's packages") ?></a></li>
<?php if (can_edit_account($atype, $row, uid_from_sid($_COOKIE['AURSID']))): ?>
<?php if (can_edit_account($row)): ?>
<li><a href="<?= get_user_uri($row['Username']); ?>edit"><?= __("Edit this user's account") ?></a></li>
<?php endif; ?>
</ul></td>

7
web/template/account_edit_form.php
View file

@ -17,7 +17,7 @@
</p>
<?php
# Only TUs or Devs can promote/demote/suspend a user
if ($UTYPE == "Trusted User" || $UTYPE == "Developer"):
if (has_credential(CRED_ACCOUNT_CHANGE_TYPE)):
?>
<p>
<label for="id_type"><?= __("Account Type") ?>:</label>
@ -32,10 +32,7 @@
<?php else: ?>
<option value="2"><?= __("Trusted user") ?></option>
<?php endif; ?>
<?php
# Only developers can make another account a developer
if ($UTYPE == "Developer"):
?>
<?php if (has_credential(CRED_ACCOUNT_EDIT_DEV)): ?>
<option value="3"
<?php $T == 3 ? print " selected=\"selected\">" : print ">";
print __("Developer")."\n"; ?>

11
web/template/account_search_results.php
View file

@ -42,13 +42,10 @@ else:
<td><?php $row["IRCNick"] ? print htmlspecialchars($row["IRCNick"],ENT_QUOTES) : print "&nbsp;" ?></td>
<td><?php $row["PGPKey"] ? print html_format_pgp_fingerprint($row["PGPKey"]) : print "&nbsp;" ?></td>
<td>
<?php
if ($UTYPE == "Trusted User" && $row["AccountType"] == "Developer"):
# TUs can't edit devs
print "&nbsp;";
else:
?>
<a href="<?= get_user_uri($row["Username"]) . "edit/" ?>"><?= __("Edit") ?></a>
<?php if (can_edit_account($row)): ?>
<a href="<?= get_user_uri($row["Username"]) . "edit/" ?>"><?= __("Edit") ?></a>
<?php else: ?>
&nbsp;
<?php endif; ?>
</td>
</tr>

5
web/template/actions_form.php
View file

@ -20,12 +20,11 @@
<?php if ($row["OutOfDateTS"] === NULL): ?>
<input type="submit" class="button" name="do_Flag" value="<?= __("Flag Out-of-date") ?>" />
<?php elseif (($row["OutOfDateTS"] !== NULL) &&
($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
<input type="submit" class="button" name="do_UnFlag" value="<?= __("UnFlag Out-of-date") ?>" />
<?php endif; ?>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<input type="submit" class="button" name="do_Delete" value="<?= __("Delete Packages") ?>" />
<label for="merge_Into" ><?= __("Merge into") ?></label>
<input type="text" id="merge_Into" name="merge_Into" />

6
web/template/header.php
View file

@ -57,15 +57,15 @@
<li><a href="<?= get_uri('/packages/'); ?>"><?= __("Packages"); ?></a></li>
<?php if (isset($_COOKIE['AURSID'])): ?>
<li><a href="<?= get_uri('/packages/'); ?>?SeB=m&amp;K=<?= username_from_sid($_COOKIE["AURSID"]); ?>"><?= __("My Packages"); ?></a></li>
<?php if (check_user_privileges()): ?>
<?php if (has_credential(CRED_PKGREQ_LIST)): ?>
<li><a href="<?= get_uri('/requests/') ; ?>"><?= __("Requests"); ?></a></li>
<?php endif; ?>
<li><a href="<?= get_uri('/submit/'); ?>"><?= __("Submit"); ?></a></li>
<?php if (check_user_privileges()): ?>
<?php if (has_credential(CRED_ACCOUNT_SEARCH)): ?>
<li><a href="<?= get_uri('/accounts/') ; ?>"><?= __("Accounts"); ?></a></li>
<?php endif; ?>
<li><a href="<?= get_user_uri(username_from_sid($_COOKIE['AURSID'])) . 'edit/'; ?>"><?= __(" My Account"); ?></a></li>
<?php if (check_user_privileges()): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?>
<?php if (has_credential(CRED_TU_LIST_VOTES)): ?><li><a href="<?= get_uri('/tu/'); ?>"><?= __("Trusted User"); ?></a></li><?php endif; ?>
<li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li>
<?php else: ?>
<li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li>

3
web/template/pkg_comments.php
View file

@ -1,5 +1,4 @@
<?php
$uid = uid_from_sid($SID);
$base_id = pkgbase_from_pkgid($row['ID']);
$count = pkgbase_comments_count($base_id);
?>
@ -14,7 +13,7 @@ $count = pkgbase_comments_count($base_id);
$row['UserName'] = "<a href=\"" . get_user_uri($row['UserName']) . "\">{$row['UserName']}</a>";
endif; ?>
<h4>
<?php if (can_delete_comment_array($row, $atype, $uid)): ?>
<?php if (can_delete_comment_array($row)): ?>
<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>">
<fieldset style="display:inline;">
<input type="hidden" name="action" value="do_DeleteComment" />

14
web/template/pkg_details.php
View file

@ -1,5 +1,4 @@
<?php
$atype = account_from_sid($SID);
$uid = uid_from_sid($SID);
$pkgid = intval($row['ID']);
@ -67,8 +66,7 @@ $sources = pkg_sources($row["ID"]);
<input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" />
</form>
</li>
<?php elseif (($row["OutOfDateTS"] !== NULL) &&
($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
<li>
<form action="<?= get_pkgbase_uri($row['BaseName']) . 'unflag/'; ?>" method="post">
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@ -108,7 +106,7 @@ $sources = pkg_sources($row["ID"]);
<?php endif; ?>
<li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li>
<li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'request/'; ?>"><?= __('File Request'); ?></a></li>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li>
<li><a href="<?= get_pkgbase_uri($row['BaseName']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li>
<?php endif; ?>
@ -121,8 +119,7 @@ $sources = pkg_sources($row["ID"]);
<input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" />
</form>
</li>
<?php elseif ($uid && $uid == $row["MaintainerUID"] ||
$atype == "Trusted User" || $atype == "Developer"): ?>
<?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?>
<li>
<form action="<?= get_pkgbase_uri($row['BaseName']) . 'disown/'; ?>" method="post">
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@ -150,8 +147,7 @@ $sources = pkg_sources($row["ID"]);
<tr>
<th><?= __('Category') . ': ' ?></th>
<?php
if ($SID && ($uid == $row["MaintainerUID"] ||
($atype == "Developer" || $atype == "Trusted User"))):
if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
?>
<td>
<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['BaseName']), ENT_QUOTES); ?>">
@ -312,7 +308,7 @@ if ($row["PackagerUID"]):
</tr>
<tr>
<th><?= __('Votes') . ': ' ?></th>
<?php if ($atype == "Developer" || $atype == "Trusted User"): ?>
<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
<?php if ($USE_VIRTUAL_URLS): ?>
<td><a href="<?= get_pkgbase_uri($row['BaseName']); ?>voters/"><?= $votes ?></a></td>
<?php else: ?>

10
web/template/pkg_search_results.php
View file

@ -1,10 +1,4 @@
<?php
if (isset($_COOKIE['AURSID'])) {
$atype = account_from_sid($_COOKIE['AURSID']);
} else {
$atype = "";
}
if (!$result): ?>
<div class="box"><p><?= __("Error retrieving package list.") ?></p></div>
<?php elseif ($total == 0): ?>
@ -119,13 +113,13 @@ if (!$result): ?>
<option value="do_UnFlag"><?= __("Unflag Out-of-date") ?></option>
<option value="do_Adopt"><?= __("Adopt Packages") ?></option>
<option value="do_Disown"><?= __("Disown Packages") ?></option>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<option value="do_Delete"><?= __("Delete Packages") ?></option>
<?php endif; ?>
<option value="do_Notify"><?= __("Notify") ?></option>
<option value="do_UnNotify"><?= __("UnNotify") ?></option>
</select>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<label for="merge_Into"><?= __("Merge into") ?></label>
<input type="text" id="merge_Into" name="merge_Into" />
<input type="checkbox" name="confirm_Delete" value="1" /> <?= __("Confirm") ?>

14
web/template/pkgbase_details.php
View file

@ -1,5 +1,4 @@
<?php
$atype = account_from_sid($SID);
$uid = uid_from_sid($SID);
$base_id = intval($row['ID']);
@ -42,8 +41,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<input type="submit" class="button text-button" name="do_Flag" value="<?= __('Flag package out-of-date') ?>" />
</form>
</li>
<?php elseif (($row["OutOfDateTS"] !== NULL) &&
($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
<li>
<form action="<?= get_pkgbase_uri($row['Name']) . 'unflag/'; ?>" method="post">
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@ -83,7 +81,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<?php endif; ?>
<li><span class="flagged"><?php if ($row["RequestCount"] > 0) { echo _n('%d pending request', '%d pending requests', $row["RequestCount"]); } ?></span></li>
<li><a href="<?= get_pkgbase_uri($row['Name']) . 'request/'; ?>"><?= __('File Request'); ?></a></li>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<li><a href="<?= get_pkgbase_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li>
<li><a href="<?= get_pkgbase_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li>
<?php endif; ?>
@ -96,8 +94,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<input type="submit" class="button text-button" name="do_Adopt" value="<?= __('Adopt Package') ?>" />
</form>
</li>
<?php elseif ($uid && $uid == $row["MaintainerUID"] ||
$atype == "Trusted User" || $atype == "Developer"): ?>
<?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?>
<li>
<form action="<?= get_pkgbase_uri($row['Name']) . 'disown/'; ?>" method="post">
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
@ -113,8 +110,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<tr>
<th><?= __('Category') . ': ' ?></th>
<?php
if ($SID && ($uid == $row["MaintainerUID"] ||
($atype == "Developer" || $atype == "Trusted User"))):
if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
?>
<td>
<form method="post" action="<?= htmlspecialchars(get_pkgbase_uri($row['Name']), ENT_QUOTES); ?>">
@ -195,7 +191,7 @@ if ($row["PackagerUID"]):
</tr>
<tr>
<th><?= __('Votes') . ': ' ?></th>
<?php if ($atype == "Developer" || $atype == "Trusted User"): ?>
<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
<?php if ($USE_VIRTUAL_URLS): ?>
<td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td>
<?php else: ?>