From 0712f15ee46cb55f1ee2eb0eefdf5e01762d5443 Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski <mkurczew@gmail.com>
Date: Fri, 25 Oct 2013 17:25:05 +0200
Subject: [PATCH] Closed #50

---
 config.ini                         |  2 ++
 src/Controllers/UserController.php |  4 ++--
 src/Models/Privilege.php           |  1 +
 src/Views/user-view.phtml          | 18 ++++++++++--------
 4 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/config.ini b/config.ini
index 730483f7..d29e2fab 100644
--- a/config.ini
+++ b/config.ini
@@ -81,6 +81,8 @@ changeUserEmail.own=registered
 changeUserEmail.all=admin
 changeUserAccessRank=admin
 changeUserName=moderator
+changeUserSettings.all=nobody
+changeUserSettings.own=registered
 acceptUserRegistration=moderator
 banUser.own=nobody
 banUser.all=admin
diff --git a/src/Controllers/UserController.php b/src/Controllers/UserController.php
index 1e1d92b6..53336d41 100644
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@@ -226,6 +226,7 @@ class UserController
 	{
 		$user = Model_User::locate($name);
 		PrivilegesHelper::confirmWithException(Privilege::ViewUser, PrivilegesHelper::getIdentitySubPrivilege($user));
+		PrivilegesHelper::confirmWithException(Privilege::ChangeUserSettings, PrivilegesHelper::getIdentitySubPrivilege($user));
 
 		$this->context->handleExceptions = true;
 		$this->context->transport->user = $user;
@@ -444,8 +445,7 @@ class UserController
 	*/
 	public function toggleSafetyAction($safety)
 	{
-		if (!$this->context->loggedIn)
-			throw new SimpleException('Not logged in');
+		PrivilegesHelper::confirmWithException(Privilege::ChangeUserSettings, PrivilegesHelper::getIdentitySubPrivilege($this->context->user));
 
 		if (!in_array($safety, PostSafety::getAll()))
 			throw new SimpleExcetpion('Invalid safety');
diff --git a/src/Models/Privilege.php b/src/Models/Privilege.php
index 9ed0bc2d..d43be24b 100644
--- a/src/Models/Privilege.php
+++ b/src/Models/Privilege.php
@@ -23,6 +23,7 @@ class Privilege extends Enum
 	const ChangeUserAccessRank = 16;
 	const ChangeUserEmail = 17;
 	const ChangeUserName = 18;
+	const ChangeUserSettings = 28;
 	const DeleteUser = 19;
 
 	const ListComments = 20;
diff --git a/src/Views/user-view.phtml b/src/Views/user-view.phtml
index 917d4176..e3868876 100644
--- a/src/Views/user-view.phtml
+++ b/src/Views/user-view.phtml
@@ -121,15 +121,17 @@
 					</a>
 				</li>
 
-				<?php if ($this->context->transport->tab == 'settings'): ?>
-					<li class="selected settings">
-				<?php else: ?>
-					<li class="settings">
+				<?php if (PrivilegesHelper::confirm(Privilege::ChangeUserSettings, PrivilegesHelper::getIdentitySubPrivilege($this->context->transport->user))): ?>
+					<?php if ($this->context->transport->tab == 'settings'): ?>
+						<li class="selected settings">
+					<?php else: ?>
+						<li class="settings">
+					<?php endif ?>
+						<a href="<?php echo \Chibi\UrlHelper::route('user', 'settings', ['name' => $this->context->transport->user->name]) ?>">
+							Browsing settings
+						</a>
+					</li>
 				<?php endif ?>
-					<a href="<?php echo \Chibi\UrlHelper::route('user', 'settings', ['name' => $this->context->transport->user->name]) ?>">
-						Browsing settings
-					</a>
-				</li>
 
 				<?php if ($canModifyAnything): ?>
 					<?php if ($this->context->transport->tab == 'edit'): ?>