From 925fccbd177cc1cacbfdd16203998b5cad94d32a Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski <mkurczew@gmail.com>
Date: Thu, 1 May 2014 16:18:42 +0200
Subject: [PATCH] Moved authentication check to Access

---
 src/Access.php                     |  6 ++++++
 src/Controllers/PostController.php | 12 +++---------
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/Access.php b/src/Access.php
index e6f20a01..97610391 100644
--- a/src/Access.php
+++ b/src/Access.php
@@ -60,6 +60,12 @@ class Access
 		return intval($user->accessRank) >= $minAccessRank;
 	}
 
+	public static function assertAuthentication()
+	{
+		if (!Auth::isLoggedIn())
+			throw new SimpleException('Not logged in');
+	}
+
 	public static function assert($privilege, $subPrivilege = null)
 	{
 		if (!self::check($privilege, $subPrivilege))
diff --git a/src/Controllers/PostController.php b/src/Controllers/PostController.php
index 4c06c666..c74b31d1 100644
--- a/src/Controllers/PostController.php
+++ b/src/Controllers/PostController.php
@@ -263,13 +263,11 @@ class PostController
 		$context = getContext();
 		$post = PostModel::findByIdOrName($id);
 		Access::assert(Privilege::FavoritePost, Access::getIdentity($post->getUploader()));
+		Access::assertAuthentication();
 
 		if (!InputHelper::get('submit'))
 			return;
 
-		if (!Auth::isLoggedIn())
-			throw new SimpleException('Not logged in');
-
 		UserModel::updateUserScore(Auth::getCurrentUser(), $post, 1);
 		UserModel::addToUserFavorites(Auth::getCurrentUser(), $post);
 		StatusHelper::success();
@@ -280,13 +278,11 @@ class PostController
 		$context = getContext();
 		$post = PostModel::findByIdOrName($id);
 		Access::assert(Privilege::FavoritePost, Access::getIdentity($post->getUploader()));
+		Access::assertAuthentication();
 
 		if (!InputHelper::get('submit'))
 			return;
 
-		if (!Auth::isLoggedIn())
-			throw new SimpleException('Not logged in');
-
 		UserModel::removeFromUserFavorites(Auth::getCurrentUser(), $post);
 		StatusHelper::success();
 	}
@@ -296,13 +292,11 @@ class PostController
 		$context = getContext();
 		$post = PostModel::findByIdOrName($id);
 		Access::assert(Privilege::ScorePost, Access::getIdentity($post->getUploader()));
+		Access::assertAuthentication();
 
 		if (!InputHelper::get('submit'))
 			return;
 
-		if (!Auth::isLoggedIn())
-			throw new SimpleException('Not logged in');
-
 		UserModel::updateUserScore(Auth::getCurrentUser(), $post, $score);
 		StatusHelper::success();
 	}