external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Rework permission handling

Browse source 
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2014-07-15 20:52:54 +02:00
parent 9e6b861b6f
commit 03c6304e19
24 changed files with 187 additions and 237 deletions
Download patch file Download diff file Expand all files Collapse all files

5
web/template/actions_form.php
View file

@ -20,12 +20,11 @@
<?php if ($row["OutOfDateTS"] === NULL): ?>
<input type="submit" class="button" name="do_Flag" value="<?= __("Flag Out-of-date") ?>" />
<?php elseif (($row["OutOfDateTS"] !== NULL) &&
($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?>
<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, array($row["MaintainerUID"]))): ?>
<input type="submit" class="button" name="do_UnFlag" value="<?= __("UnFlag Out-of-date") ?>" />
<?php endif; ?>
<?php if ($atype == "Trusted User" || $atype == "Developer"): ?>
<?php if (has_credential(CRED_PKGBASE_DELETE)): ?>
<input type="submit" class="button" name="do_Delete" value="<?= __("Delete Packages") ?>" />
<label for="merge_Into" ><?= __("Merge into") ?></label>
<input type="text" id="merge_Into" name="merge_Into" />