Closed #43
This commit is contained in:
Marcin Kurczewski
parent
73050f159f
commit
019e7eea7f
9 changed files with 75 additions and 81 deletions
|
|
@ -17,7 +17,7 @@ class CommentController
|
||||||
|
|
||||||
$page = intval($page);
|
$page = intval($page);
|
||||||
$commentsPerPage = intval($this->config->comments->commentsPerPage);
|
$commentsPerPage = intval($this->config->comments->commentsPerPage);
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListComments);
|
PrivilegesHelper::confirmWithException(Privilege::ListComments);
|
||||||
|
|
||||||
$buildDbQuery = function($dbQuery)
|
$buildDbQuery = function($dbQuery)
|
||||||
{
|
{
|
||||||
|
|
@ -59,7 +59,7 @@ class CommentController
|
||||||
*/
|
*/
|
||||||
public function addAction($postId)
|
public function addAction($postId)
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::AddComment);
|
PrivilegesHelper::confirmWithException(Privilege::AddComment);
|
||||||
if ($this->config->registration->needEmailForCommenting)
|
if ($this->config->registration->needEmailForCommenting)
|
||||||
PrivilegesHelper::confirmEmail($this->context->user);
|
PrivilegesHelper::confirmEmail($this->context->user);
|
||||||
|
|
||||||
|
|
@ -90,8 +90,7 @@ class CommentController
|
||||||
public function deleteAction($id)
|
public function deleteAction($id)
|
||||||
{
|
{
|
||||||
$comment = Model_Comment::locate($id);
|
$comment = Model_Comment::locate($id);
|
||||||
$secondary = $comment->commenter->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::DeleteComment, PrivilegesHelper::getIdentitySubPrivilege($comment->commenter));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::DeleteComment, $secondary);
|
|
||||||
R::trash($comment);
|
R::trash($comment);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -80,7 +80,7 @@ class PostController
|
||||||
$postsPerPage = intval($this->config->browsing->postsPerPage);
|
$postsPerPage = intval($this->config->browsing->postsPerPage);
|
||||||
$this->context->subTitle = 'browsing posts';
|
$this->context->subTitle = 'browsing posts';
|
||||||
$this->context->transport->searchQuery = $query;
|
$this->context->transport->searchQuery = $query;
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListPosts);
|
PrivilegesHelper::confirmWithException(Privilege::ListPosts);
|
||||||
|
|
||||||
$buildDbQuery = function($dbQuery, $query)
|
$buildDbQuery = function($dbQuery, $query)
|
||||||
{
|
{
|
||||||
|
|
@ -90,7 +90,7 @@ class PostController
|
||||||
/* safety */
|
/* safety */
|
||||||
$allowedSafety = array_filter(PostSafety::getAll(), function($safety)
|
$allowedSafety = array_filter(PostSafety::getAll(), function($safety)
|
||||||
{
|
{
|
||||||
return PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, PostSafety::toString($safety)) and
|
return PrivilegesHelper::confirm(Privilege::ListPosts, PostSafety::toString($safety)) and
|
||||||
$this->context->user->hasEnabledSafety($safety);
|
$this->context->user->hasEnabledSafety($safety);
|
||||||
});
|
});
|
||||||
$dbQuery->where('safety IN (' . R::genSlots($allowedSafety) . ')');
|
$dbQuery->where('safety IN (' . R::genSlots($allowedSafety) . ')');
|
||||||
|
|
@ -99,7 +99,7 @@ class PostController
|
||||||
|
|
||||||
|
|
||||||
/* hidden */
|
/* hidden */
|
||||||
if (!PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, 'hidden'))
|
if (!PrivilegesHelper::confirm(Privilege::ListPosts, 'hidden'))
|
||||||
$dbQuery->andNot('hidden');
|
$dbQuery->andNot('hidden');
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -158,7 +158,7 @@ class PostController
|
||||||
$this->context->stylesheets []= 'upload.css';
|
$this->context->stylesheets []= 'upload.css';
|
||||||
$this->context->scripts []= 'upload.js';
|
$this->context->scripts []= 'upload.js';
|
||||||
$this->context->subTitle = 'upload';
|
$this->context->subTitle = 'upload';
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::UploadPost);
|
PrivilegesHelper::confirmWithException(Privilege::UploadPost);
|
||||||
if ($this->config->registration->needEmailForUploading)
|
if ($this->config->registration->needEmailForUploading)
|
||||||
PrivilegesHelper::confirmEmail($this->context->user);
|
PrivilegesHelper::confirmEmail($this->context->user);
|
||||||
|
|
||||||
|
|
@ -246,7 +246,6 @@ class PostController
|
||||||
$post = Model_Post::locate($id);
|
$post = Model_Post::locate($id);
|
||||||
R::preload($post, ['uploader' => 'user']);
|
R::preload($post, ['uploader' => 'user']);
|
||||||
$edited = false;
|
$edited = false;
|
||||||
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
|
||||||
|
|
||||||
$this->context->transport->post = $post;
|
$this->context->transport->post = $post;
|
||||||
|
|
||||||
|
|
@ -254,7 +253,7 @@ class PostController
|
||||||
$suppliedSafety = InputHelper::get('safety');
|
$suppliedSafety = InputHelper::get('safety');
|
||||||
if ($suppliedSafety !== null)
|
if ($suppliedSafety !== null)
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::EditPostSafety, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::EditPostSafety, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
|
||||||
$suppliedSafety = Model_Post::validateSafety($suppliedSafety);
|
$suppliedSafety = Model_Post::validateSafety($suppliedSafety);
|
||||||
$post->safety = $suppliedSafety;
|
$post->safety = $suppliedSafety;
|
||||||
$edited = true;
|
$edited = true;
|
||||||
|
|
@ -265,7 +264,7 @@ class PostController
|
||||||
$suppliedTags = InputHelper::get('tags');
|
$suppliedTags = InputHelper::get('tags');
|
||||||
if ($suppliedTags !== null)
|
if ($suppliedTags !== null)
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::EditPostTags, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::EditPostTags, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
|
||||||
$currentToken = self::serializeTags($post);
|
$currentToken = self::serializeTags($post);
|
||||||
if (InputHelper::get('tags-token') != $currentToken)
|
if (InputHelper::get('tags-token') != $currentToken)
|
||||||
throw new SimpleException('Someone else has changed the tags in the meantime');
|
throw new SimpleException('Someone else has changed the tags in the meantime');
|
||||||
|
|
@ -280,7 +279,7 @@ class PostController
|
||||||
/* thumbnail */
|
/* thumbnail */
|
||||||
if (!empty($_FILES['thumb']['name']))
|
if (!empty($_FILES['thumb']['name']))
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::EditPostThumb, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::EditPostThumb, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
|
||||||
$suppliedFile = $_FILES['thumb'];
|
$suppliedFile = $_FILES['thumb'];
|
||||||
self::handleUploadErrors($suppliedFile);
|
self::handleUploadErrors($suppliedFile);
|
||||||
|
|
||||||
|
|
@ -312,8 +311,7 @@ class PostController
|
||||||
public function hideAction($id)
|
public function hideAction($id)
|
||||||
{
|
{
|
||||||
$post = Model_Post::locate($id);
|
$post = Model_Post::locate($id);
|
||||||
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::HidePost, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::HidePost, $secondary);
|
|
||||||
$post->hidden = true;
|
$post->hidden = true;
|
||||||
R::store($post);
|
R::store($post);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
|
|
@ -325,8 +323,7 @@ class PostController
|
||||||
public function unhideAction($id)
|
public function unhideAction($id)
|
||||||
{
|
{
|
||||||
$post = Model_Post::locate($id);
|
$post = Model_Post::locate($id);
|
||||||
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::HidePost, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::HidePost, $secondary);
|
|
||||||
$post->hidden = false;
|
$post->hidden = false;
|
||||||
R::store($post);
|
R::store($post);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
|
|
@ -338,8 +335,7 @@ class PostController
|
||||||
public function deleteAction($id)
|
public function deleteAction($id)
|
||||||
{
|
{
|
||||||
$post = Model_Post::locate($id);
|
$post = Model_Post::locate($id);
|
||||||
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::DeletePost, PrivilegesHelper::getIdentitySubPrivilege($post->uploader));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::DeletePost, $secondary);
|
|
||||||
//remove stuff from auxiliary tables
|
//remove stuff from auxiliary tables
|
||||||
$post->ownFavoritee = [];
|
$post->ownFavoritee = [];
|
||||||
$post->sharedTag = [];
|
$post->sharedTag = [];
|
||||||
|
|
@ -366,7 +362,7 @@ class PostController
|
||||||
if ($fav->id == $this->context->user->id)
|
if ($fav->id == $this->context->user->id)
|
||||||
throw new SimpleException('Already in favorites');
|
throw new SimpleException('Already in favorites');
|
||||||
|
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::FavoritePost);
|
PrivilegesHelper::confirmWithException(Privilege::FavoritePost);
|
||||||
$post->link('favoritee')->user = $this->context->user;
|
$post->link('favoritee')->user = $this->context->user;
|
||||||
R::store($post);
|
R::store($post);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
|
|
@ -381,7 +377,7 @@ class PostController
|
||||||
$post = Model_Post::locate($id);
|
$post = Model_Post::locate($id);
|
||||||
R::preload($post, ['favoritee' => 'user']);
|
R::preload($post, ['favoritee' => 'user']);
|
||||||
|
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::FavoritePost);
|
PrivilegesHelper::confirmWithException(Privilege::FavoritePost);
|
||||||
if (!$this->context->loggedIn)
|
if (!$this->context->loggedIn)
|
||||||
throw new SimpleException('Not logged in');
|
throw new SimpleException('Not logged in');
|
||||||
|
|
||||||
|
|
@ -415,9 +411,9 @@ class PostController
|
||||||
'ownComment.commenter' => 'user']);
|
'ownComment.commenter' => 'user']);
|
||||||
|
|
||||||
if ($post->hidden)
|
if ($post->hidden)
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost, 'hidden');
|
PrivilegesHelper::confirmWithException(Privilege::ViewPost, 'hidden');
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost);
|
PrivilegesHelper::confirmWithException(Privilege::ViewPost);
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost, PostSafety::toString($post->safety));
|
PrivilegesHelper::confirmWithException(Privilege::ViewPost, PostSafety::toString($post->safety));
|
||||||
|
|
||||||
$buildNextPostQuery = function($dbQuery, $id, $next)
|
$buildNextPostQuery = function($dbQuery, $id, $next)
|
||||||
{
|
{
|
||||||
|
|
@ -425,7 +421,7 @@ class PostController
|
||||||
->from('post')
|
->from('post')
|
||||||
->where($next ? 'id > ?' : 'id < ?')
|
->where($next ? 'id > ?' : 'id < ?')
|
||||||
->put($id);
|
->put($id);
|
||||||
if (!PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, 'hidden'))
|
if (!PrivilegesHelper::confirm(Privilege::ListPosts, 'hidden'))
|
||||||
$dbQuery->andNot('hidden');
|
$dbQuery->andNot('hidden');
|
||||||
$dbQuery->orderBy($next ? 'id asc' : 'id desc')
|
$dbQuery->orderBy($next ? 'id asc' : 'id desc')
|
||||||
->limit(1);
|
->limit(1);
|
||||||
|
|
@ -481,8 +477,8 @@ class PostController
|
||||||
$this->context->layoutName = 'layout-file';
|
$this->context->layoutName = 'layout-file';
|
||||||
$post = Model_Post::locate($id);
|
$post = Model_Post::locate($id);
|
||||||
|
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost);
|
PrivilegesHelper::confirmWithException(Privilege::ViewPost);
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost, PostSafety::toString($post->safety));
|
PrivilegesHelper::confirmWithException(Privilege::ViewPost, PostSafety::toString($post->safety));
|
||||||
|
|
||||||
$path = $this->config->main->thumbsPath . DS . $post->name;
|
$path = $this->config->main->thumbsPath . DS . $post->name;
|
||||||
if (!file_exists($path))
|
if (!file_exists($path))
|
||||||
|
|
@ -554,8 +550,8 @@ class PostController
|
||||||
$post = Model_Post::locate($name, true);
|
$post = Model_Post::locate($name, true);
|
||||||
R::preload($post, ['tag']);
|
R::preload($post, ['tag']);
|
||||||
|
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::RetrievePost);
|
PrivilegesHelper::confirmWithException(Privilege::RetrievePost);
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::RetrievePost, PostSafety::toString($post->safety));
|
PrivilegesHelper::confirmWithException(Privilege::RetrievePost, PostSafety::toString($post->safety));
|
||||||
|
|
||||||
$path = $this->config->main->filesPath . DS . $post->name;
|
$path = $this->config->main->filesPath . DS . $post->name;
|
||||||
if (!file_exists($path))
|
if (!file_exists($path))
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ class TagController
|
||||||
{
|
{
|
||||||
$this->context->subTitle = 'tags';
|
$this->context->subTitle = 'tags';
|
||||||
|
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListTags);
|
PrivilegesHelper::confirmWithException(Privilege::ListTags);
|
||||||
|
|
||||||
$dbQuery = R::$f->begin();
|
$dbQuery = R::$f->begin();
|
||||||
$dbQuery->select('tag.name, COUNT(1) AS count');
|
$dbQuery->select('tag.name, COUNT(1) AS count');
|
||||||
|
|
|
||||||
|
|
@ -59,7 +59,7 @@ class UserController
|
||||||
$page = intval($page);
|
$page = intval($page);
|
||||||
$usersPerPage = intval($this->config->browsing->usersPerPage);
|
$usersPerPage = intval($this->config->browsing->usersPerPage);
|
||||||
$this->context->subTitle = 'browsing users';
|
$this->context->subTitle = 'browsing users';
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListUsers);
|
PrivilegesHelper::confirmWithException(Privilege::ListUsers);
|
||||||
|
|
||||||
if ($sortStyle == '' or $sortStyle == 'alpha')
|
if ($sortStyle == '' or $sortStyle == 'alpha')
|
||||||
$sortStyle = 'alpha,asc';
|
$sortStyle = 'alpha,asc';
|
||||||
|
|
@ -127,8 +127,7 @@ class UserController
|
||||||
public function banAction($name)
|
public function banAction($name)
|
||||||
{
|
{
|
||||||
$user = Model_User::locate($name);
|
$user = Model_User::locate($name);
|
||||||
$secondary = $user->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::BanUser, $secondary);
|
|
||||||
$user->banned = true;
|
$user->banned = true;
|
||||||
R::store($user);
|
R::store($user);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
|
|
@ -141,8 +140,7 @@ class UserController
|
||||||
public function unbanAction($name)
|
public function unbanAction($name)
|
||||||
{
|
{
|
||||||
$user = Model_User::locate($name);
|
$user = Model_User::locate($name);
|
||||||
$secondary = $user->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::BanUser, $secondary);
|
|
||||||
$user->banned = false;
|
$user->banned = false;
|
||||||
R::store($user);
|
R::store($user);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
|
|
@ -155,7 +153,7 @@ class UserController
|
||||||
public function acceptRegistrationAction($name)
|
public function acceptRegistrationAction($name)
|
||||||
{
|
{
|
||||||
$user = Model_User::locate($name);
|
$user = Model_User::locate($name);
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::AcceptUserRegistration);
|
PrivilegesHelper::confirmWithException(Privilege::AcceptUserRegistration);
|
||||||
$user->staff_confirmed = true;
|
$user->staff_confirmed = true;
|
||||||
R::store($user);
|
R::store($user);
|
||||||
$this->context->transport->success = true;
|
$this->context->transport->success = true;
|
||||||
|
|
@ -171,9 +169,8 @@ class UserController
|
||||||
public function deleteAction($name)
|
public function deleteAction($name)
|
||||||
{
|
{
|
||||||
$user = Model_User::locate($name);
|
$user = Model_User::locate($name);
|
||||||
$secondary = $user->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewUser, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::DeleteUser, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::DeleteUser, $secondary);
|
|
||||||
|
|
||||||
$this->context->handleExceptions = true;
|
$this->context->handleExceptions = true;
|
||||||
$this->context->transport->user = $user;
|
$this->context->transport->user = $user;
|
||||||
|
|
@ -213,8 +210,7 @@ class UserController
|
||||||
|
|
||||||
$user = Model_User::locate($name);
|
$user = Model_User::locate($name);
|
||||||
$edited = false;
|
$edited = false;
|
||||||
$secondary = $user->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewUser, $secondary);
|
|
||||||
|
|
||||||
$this->context->handleExceptions = true;
|
$this->context->handleExceptions = true;
|
||||||
$this->context->transport->user = $user;
|
$this->context->transport->user = $user;
|
||||||
|
|
@ -233,7 +229,7 @@ class UserController
|
||||||
|
|
||||||
if ($suppliedName != '' and $suppliedName != $user->name)
|
if ($suppliedName != '' and $suppliedName != $user->name)
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ChangeUserName, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::ChangeUserName, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
$suppliedName = Model_User::validateUserName($suppliedName);
|
$suppliedName = Model_User::validateUserName($suppliedName);
|
||||||
$user->name = $suppliedName;
|
$user->name = $suppliedName;
|
||||||
$edited = true;
|
$edited = true;
|
||||||
|
|
@ -241,7 +237,7 @@ class UserController
|
||||||
|
|
||||||
if ($suppliedPassword1 != '')
|
if ($suppliedPassword1 != '')
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ChangeUserPassword, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::ChangeUserPassword, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
if ($suppliedPassword1 != $suppliedPassword2)
|
if ($suppliedPassword1 != $suppliedPassword2)
|
||||||
throw new SimpleException('Specified passwords must be the same');
|
throw new SimpleException('Specified passwords must be the same');
|
||||||
$suppliedPassword = Model_User::validatePassword($suppliedPassword1);
|
$suppliedPassword = Model_User::validatePassword($suppliedPassword1);
|
||||||
|
|
@ -251,7 +247,7 @@ class UserController
|
||||||
|
|
||||||
if ($suppliedEmail != '' and $suppliedEmail != $user->email_confirmed)
|
if ($suppliedEmail != '' and $suppliedEmail != $user->email_confirmed)
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ChangeUserEmail, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::ChangeUserEmail, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
$suppliedEmail = Model_User::validateEmail($suppliedEmail);
|
$suppliedEmail = Model_User::validateEmail($suppliedEmail);
|
||||||
if ($this->context->user->id == $user->id)
|
if ($this->context->user->id == $user->id)
|
||||||
{
|
{
|
||||||
|
|
@ -268,7 +264,7 @@ class UserController
|
||||||
|
|
||||||
if ($suppliedAccessRank != '' and $suppliedAccessRank != $user->access_rank)
|
if ($suppliedAccessRank != '' and $suppliedAccessRank != $user->access_rank)
|
||||||
{
|
{
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ChangeUserAccessRank, $secondary);
|
PrivilegesHelper::confirmWithException(Privilege::ChangeUserAccessRank, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
$suppliedAccessRank = Model_User::validateAccessRank($suppliedAccessRank);
|
$suppliedAccessRank = Model_User::validateAccessRank($suppliedAccessRank);
|
||||||
$user->access_rank = $suppliedAccessRank;
|
$user->access_rank = $suppliedAccessRank;
|
||||||
$edited = true;
|
$edited = true;
|
||||||
|
|
@ -312,8 +308,7 @@ class UserController
|
||||||
if ($page === null)
|
if ($page === null)
|
||||||
$page = 1;
|
$page = 1;
|
||||||
|
|
||||||
$secondary = $user->id == $this->context->user->id ? 'own' : 'all';
|
PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
|
||||||
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewUser, $secondary);
|
|
||||||
$this->context->stylesheets []= 'user-view.css';
|
$this->context->stylesheets []= 'user-view.css';
|
||||||
$this->context->stylesheets []= 'post-list.css';
|
$this->context->stylesheets []= 'post-list.css';
|
||||||
$this->context->stylesheets []= 'paginator.css';
|
$this->context->stylesheets []= 'paginator.css';
|
||||||
|
|
@ -329,7 +324,7 @@ class UserController
|
||||||
/* safety */
|
/* safety */
|
||||||
$allowedSafety = array_filter(PostSafety::getAll(), function($safety)
|
$allowedSafety = array_filter(PostSafety::getAll(), function($safety)
|
||||||
{
|
{
|
||||||
return PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, PostSafety::toString($safety)) and
|
return PrivilegesHelper::confirm(Privilege::ListPosts, PostSafety::toString($safety)) and
|
||||||
$this->context->user->hasEnabledSafety($safety);
|
$this->context->user->hasEnabledSafety($safety);
|
||||||
});
|
});
|
||||||
$dbQuery->where('safety IN (' . R::genSlots($allowedSafety) . ')');
|
$dbQuery->where('safety IN (' . R::genSlots($allowedSafety) . ')');
|
||||||
|
|
@ -338,7 +333,7 @@ class UserController
|
||||||
|
|
||||||
|
|
||||||
/* hidden */
|
/* hidden */
|
||||||
if (!PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, 'hidden'))
|
if (!PrivilegesHelper::confirm(Privilege::ListPosts, 'hidden'))
|
||||||
$dbQuery->andNot('hidden');
|
$dbQuery->andNot('hidden');
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -10,18 +10,19 @@ class PrivilegesHelper
|
||||||
{
|
{
|
||||||
if (strpos($key, '.') === false)
|
if (strpos($key, '.') === false)
|
||||||
$key .= '.';
|
$key .= '.';
|
||||||
list ($privilegeName, $flag) = explode('.', $key);
|
list ($privilegeName, $subPrivilegeName) = explode('.', $key);
|
||||||
$privilegeName = TextHelper::camelCaseToKebabCase($privilegeName);
|
$privilegeName = TextHelper::camelCaseToKebabCase($privilegeName);
|
||||||
$flag = TextHelper::camelCaseToKebabCase($flag);
|
$subPrivilegeName = TextHelper::camelCaseToKebabCase($subPrivilegeName);
|
||||||
$key = rtrim($privilegeName . '.' . $flag, '.');
|
$key = rtrim($privilegeName . '.' . $subPrivilegeName, '.');
|
||||||
|
|
||||||
$minAccessRank = TextHelper::resolveConstant($minAccessRankName, 'AccessRank');
|
$minAccessRank = TextHelper::resolveConstant($minAccessRankName, 'AccessRank');
|
||||||
self::$privileges[$key] = $minAccessRank;
|
self::$privileges[$key] = $minAccessRank;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function confirm($user, $privilege, $flag = null)
|
public static function confirm($privilege, $subPrivilege = null)
|
||||||
{
|
{
|
||||||
|
$user = \Chibi\Registry::getContext()->user;
|
||||||
$minAccessRank = AccessRank::Admin;
|
$minAccessRank = AccessRank::Admin;
|
||||||
|
|
||||||
$key = TextHelper::camelCaseToKebabCase(Privilege::toString($privilege));
|
$key = TextHelper::camelCaseToKebabCase(Privilege::toString($privilege));
|
||||||
|
|
@ -29,9 +30,9 @@ class PrivilegesHelper
|
||||||
{
|
{
|
||||||
$minAccessRank = self::$privileges[$key];
|
$minAccessRank = self::$privileges[$key];
|
||||||
}
|
}
|
||||||
if ($flag != null)
|
if ($subPrivilege != null)
|
||||||
{
|
{
|
||||||
$key2 = $key . '.' . strtolower($flag);
|
$key2 = $key . '.' . strtolower($subPrivilege);
|
||||||
if (isset(self::$privileges[$key2]))
|
if (isset(self::$privileges[$key2]))
|
||||||
{
|
{
|
||||||
$minAccessRank = self::$privileges[$key2];
|
$minAccessRank = self::$privileges[$key2];
|
||||||
|
|
@ -41,14 +42,20 @@ class PrivilegesHelper
|
||||||
return intval($user->access_rank) >= $minAccessRank;
|
return intval($user->access_rank) >= $minAccessRank;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function confirmWithException($user, $privilege, $flag = null)
|
public static function confirmWithException($privilege, $subPrivilege = null)
|
||||||
{
|
{
|
||||||
if (!self::confirm($user, $privilege, $flag))
|
if (!self::confirm($privilege, $subPrivilege))
|
||||||
{
|
{
|
||||||
throw new SimpleException('Insufficient privileges');
|
throw new SimpleException('Insufficient privileges');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function getIdentitySubPrivilege($user)
|
||||||
|
{
|
||||||
|
$userFromContext = \Chibi\Registry::getContext()->user;
|
||||||
|
return $user->id == $userFromContext->id ? 'own' : 'all';
|
||||||
|
}
|
||||||
|
|
||||||
public static function confirmEmail($user)
|
public static function confirmEmail($user)
|
||||||
{
|
{
|
||||||
if (!$user->email_confirmed)
|
if (!$user->email_confirmed)
|
||||||
|
|
|
||||||
|
|
@ -25,8 +25,7 @@
|
||||||
<?php echo date('Y-m-d H:i', $this->context->comment->comment_date) ?>
|
<?php echo date('Y-m-d H:i', $this->context->comment->comment_date) ?>
|
||||||
</span>
|
</span>
|
||||||
|
|
||||||
<?php $secondary = $this->context->comment->commenter->id == $this->context->user->id ? 'own' : 'all' ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::DeleteComment, PrivilegesHelper::getIdentitySubPrivilege($this->context->comment->commenter))): ?>
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::DeleteComment, $secondary)): ?>
|
|
||||||
<span class="delete">
|
<span class="delete">
|
||||||
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('comment', 'delete', ['id' => $this->context->comment->id]) ?>" data-confirm-text="Are you sure you want to delete this comment?">
|
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('comment', 'delete', ['id' => $this->context->comment->id]) ?>" data-confirm-text="Are you sure you want to delete this comment?">
|
||||||
delete
|
delete
|
||||||
|
|
|
||||||
|
|
@ -23,22 +23,22 @@
|
||||||
$nav = [];
|
$nav = [];
|
||||||
|
|
||||||
$nav []= ['Home', \Chibi\UrlHelper::route('index', 'index')];
|
$nav []= ['Home', \Chibi\UrlHelper::route('index', 'index')];
|
||||||
if (PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts))
|
if (PrivilegesHelper::confirm(Privilege::ListPosts))
|
||||||
$nav []= ['Browse', \Chibi\UrlHelper::route('post', 'list')];
|
$nav []= ['Browse', \Chibi\UrlHelper::route('post', 'list')];
|
||||||
|
|
||||||
if (PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts))
|
if (PrivilegesHelper::confirm(Privilege::ListPosts))
|
||||||
$nav []= ['Favorites', \Chibi\UrlHelper::route('post', 'favorites')];
|
$nav []= ['Favorites', \Chibi\UrlHelper::route('post', 'favorites')];
|
||||||
|
|
||||||
if (PrivilegesHelper::confirm($this->context->user, Privilege::UploadPost))
|
if (PrivilegesHelper::confirm(Privilege::UploadPost))
|
||||||
$nav []= ['Upload', \Chibi\UrlHelper::route('post', 'upload')];
|
$nav []= ['Upload', \Chibi\UrlHelper::route('post', 'upload')];
|
||||||
|
|
||||||
if (PrivilegesHelper::confirm($this->context->user, Privilege::ListComments))
|
if (PrivilegesHelper::confirm(Privilege::ListComments))
|
||||||
$nav []= ['Comments', \Chibi\UrlHelper::route('comment', 'list')];
|
$nav []= ['Comments', \Chibi\UrlHelper::route('comment', 'list')];
|
||||||
|
|
||||||
if (PrivilegesHelper::confirm($this->context->user, Privilege::ListTags))
|
if (PrivilegesHelper::confirm(Privilege::ListTags))
|
||||||
$nav []= ['Tags', \Chibi\UrlHelper::route('tag', 'list')];
|
$nav []= ['Tags', \Chibi\UrlHelper::route('tag', 'list')];
|
||||||
|
|
||||||
if (PrivilegesHelper::confirm($this->context->user, Privilege::ListUsers))
|
if (PrivilegesHelper::confirm(Privilege::ListUsers))
|
||||||
$nav []= ['Users', \Chibi\UrlHelper::route('user', 'list')];
|
$nav []= ['Users', \Chibi\UrlHelper::route('user', 'list')];
|
||||||
|
|
||||||
if (!$this->context->loggedIn)
|
if (!$this->context->loggedIn)
|
||||||
|
|
@ -67,7 +67,7 @@
|
||||||
<li class="safety">
|
<li class="safety">
|
||||||
<ul>
|
<ul>
|
||||||
<?php foreach (PostSafety::getAll() as $safety): ?>
|
<?php foreach (PostSafety::getAll() as $safety): ?>
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, PostSafety::toString($safety))): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::ListPosts, PostSafety::toString($safety))): ?>
|
||||||
<li class="safety-<?php echo TextHelper::camelCaseToHumanCase(PostSafety::toString($safety)) ?>">
|
<li class="safety-<?php echo TextHelper::camelCaseToHumanCase(PostSafety::toString($safety)) ?>">
|
||||||
<a href="<?php echo \Chibi\UrlHelper::route('user', 'toggle-safety', ['safety' => $safety]) ?>" class="<?php echo $this->context->user->hasEnabledSafety($safety) ? 'enabled' : 'disabled' ?>" title="Searching <?php echo TextHelper::camelCaseToHumanCase(PostSafety::ToString($safety)) ?> posts: <?php echo $this->context->user->hasEnabledSafety($safety) ? 'enabled' : 'disabled' ?>">
|
<a href="<?php echo \Chibi\UrlHelper::route('user', 'toggle-safety', ['safety' => $safety]) ?>" class="<?php echo $this->context->user->hasEnabledSafety($safety) ? 'enabled' : 'disabled' ?>" title="Searching <?php echo TextHelper::camelCaseToHumanCase(PostSafety::ToString($safety)) ?> posts: <?php echo $this->context->user->hasEnabledSafety($safety) ? 'enabled' : 'disabled' ?>">
|
||||||
<span><?php echo TextHelper::camelCaseToHumanCase(PostSafety::toString($safety), true) ?></span>
|
<span><?php echo TextHelper::camelCaseToHumanCase(PostSafety::toString($safety), true) ?></span>
|
||||||
|
|
|
||||||
|
|
@ -119,7 +119,7 @@
|
||||||
<h1>options</h1>
|
<h1>options</h1>
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::FavoritePost)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::FavoritePost)): ?>
|
||||||
<?php if (!$this->context->favorite): ?>
|
<?php if (!$this->context->favorite): ?>
|
||||||
<li class="add-fav">
|
<li class="add-fav">
|
||||||
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('post', 'add-favorite', ['id' => $this->context->transport->post->id]) ?>">
|
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('post', 'add-favorite', ['id' => $this->context->transport->post->id]) ?>">
|
||||||
|
|
@ -136,7 +136,6 @@
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
$secondary = $this->context->transport->post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
|
||||||
$editPostPrivileges = [
|
$editPostPrivileges = [
|
||||||
Privilege::EditPostSafety,
|
Privilege::EditPostSafety,
|
||||||
Privilege::EditPostTags,
|
Privilege::EditPostTags,
|
||||||
|
|
@ -145,7 +144,7 @@
|
||||||
$editPostPrivileges = array_fill_keys($editPostPrivileges, false);
|
$editPostPrivileges = array_fill_keys($editPostPrivileges, false);
|
||||||
foreach (array_keys($editPostPrivileges) as $privilege)
|
foreach (array_keys($editPostPrivileges) as $privilege)
|
||||||
{
|
{
|
||||||
if (PrivilegesHelper::confirm($this->context->user, $privilege, $secondary))
|
if (PrivilegesHelper::confirm($privilege, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->post->uploader)))
|
||||||
$editPostPrivileges[$privilege] = true;
|
$editPostPrivileges[$privilege] = true;
|
||||||
}
|
}
|
||||||
$canEditAnything = count(array_filter($editPostPrivileges)) > 0;
|
$canEditAnything = count(array_filter($editPostPrivileges)) > 0;
|
||||||
|
|
@ -159,7 +158,7 @@
|
||||||
</li>
|
</li>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::HidePost, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::HidePost, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->post->uploader))): ?>
|
||||||
<?php if ($this->context->transport->post->hidden): ?>
|
<?php if ($this->context->transport->post->hidden): ?>
|
||||||
<li class="unhide">
|
<li class="unhide">
|
||||||
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('post', 'unhide', ['id' => $this->context->transport->post->id]) ?>">
|
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('post', 'unhide', ['id' => $this->context->transport->post->id]) ?>">
|
||||||
|
|
@ -175,7 +174,7 @@
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::DeletePost, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::DeletePost, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->post->uploader))): ?>
|
||||||
<li class="delete">
|
<li class="delete">
|
||||||
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('post', 'delete', ['id' => $this->context->transport->post->id]) ?>" data-confirm-text="Are you sure?" data-redirect-url="<?php echo \Chibi\UrlHelper::route('post', 'list') ?>">
|
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('post', 'delete', ['id' => $this->context->transport->post->id]) ?>" data-confirm-text="Are you sure?" data-redirect-url="<?php echo \Chibi\UrlHelper::route('post', 'list') ?>">
|
||||||
Delete
|
Delete
|
||||||
|
|
@ -252,7 +251,7 @@
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::AddComment)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::AddComment)): ?>
|
||||||
<form action="<?php echo \Chibi\UrlHelper::route('comment', 'add', ['postId' => $this->context->transport->post->id]) ?>" method="post" class="add-comment aligned footer-unit">
|
<form action="<?php echo \Chibi\UrlHelper::route('comment', 'add', ['postId' => $this->context->transport->post->id]) ?>" method="post" class="add-comment aligned footer-unit">
|
||||||
<h1>add comment</h1>
|
<h1>add comment</h1>
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -19,7 +19,7 @@
|
||||||
<span class="value" title="<?php echo $val = TextHelper::camelCaseToHumanCase(AccessRank::toString($this->context->transport->user->access_rank)) ?>"><?php echo $val ?></span>
|
<span class="value" title="<?php echo $val = TextHelper::camelCaseToHumanCase(AccessRank::toString($this->context->transport->user->access_rank)) ?>"><?php echo $val ?></span>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::ViewUserEmail)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::ViewUserEmail)): ?>
|
||||||
<div class="key-value email">
|
<div class="key-value email">
|
||||||
<span class="key">E-mail:</span>
|
<span class="key">E-mail:</span>
|
||||||
<span class="value" title="<?php echo $val = ($this->context->transport->user->email_unconfirmed ? '(unconfirmed) ' . $this->context->transport->user->email_unconfirmed : $this->context->transport->user->email_confirmed ?: 'none specified') ?>"><?php echo $val ?></span>
|
<span class="value" title="<?php echo $val = ($this->context->transport->user->email_unconfirmed ? '(unconfirmed) ' . $this->context->transport->user->email_unconfirmed : $this->context->transport->user->email_confirmed ?: 'none specified') ?>"><?php echo $val ?></span>
|
||||||
|
|
@ -33,7 +33,6 @@
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<?php
|
<?php
|
||||||
$secondary = $this->context->transport->user->id == $this->context->user->id ? 'own' : 'all';
|
|
||||||
$userModificationPrivileges = [
|
$userModificationPrivileges = [
|
||||||
Privilege::ChangeUserName,
|
Privilege::ChangeUserName,
|
||||||
Privilege::ChangeUserEmail,
|
Privilege::ChangeUserEmail,
|
||||||
|
|
@ -44,7 +43,7 @@
|
||||||
foreach (array_keys($userModificationPrivileges) as $privilege)
|
foreach (array_keys($userModificationPrivileges) as $privilege)
|
||||||
{
|
{
|
||||||
|
|
||||||
if (PrivilegesHelper::confirm($this->context->user, $privilege, $secondary))
|
if (PrivilegesHelper::confirm($privilege, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user)))
|
||||||
$userModificationPrivileges[$privilege] = true;
|
$userModificationPrivileges[$privilege] = true;
|
||||||
}
|
}
|
||||||
$canModifyAnything = count(array_filter($userModificationPrivileges)) > 0;
|
$canModifyAnything = count(array_filter($userModificationPrivileges)) > 0;
|
||||||
|
|
@ -58,7 +57,7 @@
|
||||||
</li>
|
</li>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::BanUser, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::BanUser, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
|
||||||
<?php if (!$this->context->transport->user->banned): ?>
|
<?php if (!$this->context->transport->user->banned): ?>
|
||||||
<li class="ban">
|
<li class="ban">
|
||||||
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('user', 'ban', ['name' => $this->context->transport->user->name]) ?>" data-confirm-text="Are you sure?">
|
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('user', 'ban', ['name' => $this->context->transport->user->name]) ?>" data-confirm-text="Are you sure?">
|
||||||
|
|
@ -74,7 +73,7 @@
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::AcceptUserRegistration) and !$this->context->transport->user->staff_confirmed and $this->config->registration->staffActivation): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::AcceptUserRegistration) and !$this->context->transport->user->staff_confirmed and $this->config->registration->staffActivation): ?>
|
||||||
<li class="accept-registration">
|
<li class="accept-registration">
|
||||||
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('user', 'accept-registration', ['name' => $this->context->transport->user->name]) ?>">
|
<a class="simple-action" href="<?php echo \Chibi\UrlHelper::route('user', 'accept-registration', ['name' => $this->context->transport->user->name]) ?>">
|
||||||
Accept registration
|
Accept registration
|
||||||
|
|
@ -126,7 +125,7 @@
|
||||||
</li>
|
</li>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::DeleteUser, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::DeleteUser, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
|
||||||
<?php if ($this->context->transport->tab == 'delete'): ?>
|
<?php if ($this->context->transport->tab == 'delete'): ?>
|
||||||
<li class="selected delete">
|
<li class="selected delete">
|
||||||
<?php else: ?>
|
<?php else: ?>
|
||||||
|
|
@ -155,21 +154,21 @@
|
||||||
<hr>
|
<hr>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::ChangeUserName, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::ChangeUserName, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
|
||||||
<div class="nickname">
|
<div class="nickname">
|
||||||
<label class="left" for="name">Name:</label>
|
<label class="left" for="name">Name:</label>
|
||||||
<input type="text" name="name" id="name" placeholder="New name…" value="<?php echo $this->context->suppliedName ?>"/>
|
<input type="text" name="name" id="name" placeholder="New name…" value="<?php echo $this->context->suppliedName ?>"/>
|
||||||
</div>
|
</div>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::ChangeUserEmail, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::ChangeUserEmail, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
|
||||||
<div class="email">
|
<div class="email">
|
||||||
<label class="left" for="name">E-mail:</label>
|
<label class="left" for="name">E-mail:</label>
|
||||||
<input type="text" name="email" id="email" placeholder="New e-mail…" value="<?php echo $this->context->suppliedEmail ?>"/>
|
<input type="text" name="email" id="email" placeholder="New e-mail…" value="<?php echo $this->context->suppliedEmail ?>"/>
|
||||||
</div>
|
</div>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::ChangeUserPassword, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::ChangeUserPassword, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
|
||||||
<div class="password1">
|
<div class="password1">
|
||||||
<label class="left" for="password1">New password:</label>
|
<label class="left" for="password1">New password:</label>
|
||||||
<input type="password" name="password1" id="password1" placeholder="New password…" value="<?php echo $this->context->suppliedPassword1 ?>"/>
|
<input type="password" name="password1" id="password1" placeholder="New password…" value="<?php echo $this->context->suppliedPassword1 ?>"/>
|
||||||
|
|
@ -180,7 +179,7 @@
|
||||||
</div>
|
</div>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if (PrivilegesHelper::confirm($this->context->user, Privilege::ChangeUserAccessRank, $secondary)): ?>
|
<?php if (PrivilegesHelper::confirm(Privilege::ChangeUserAccessRank, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
|
||||||
<div class="access-rank">
|
<div class="access-rank">
|
||||||
<label class="left" for="access-rank">Access rank:</label>
|
<label class="left" for="access-rank">Access rank:</label>
|
||||||
<select name="access-rank" id="access-rank">
|
<select name="access-rank" id="access-rank">
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue