get rid of is_admin, fixes #676
This commit is contained in:
Shish
parent
0f4a0275b5
commit
a7bddb1dac
@ -42,6 +42,7 @@ abstract class Permissions
|
|||||||
public const CREATE_IMAGE_REPORT = "create_image_report";
|
public const CREATE_IMAGE_REPORT = "create_image_report";
|
||||||
public const VIEW_IMAGE_REPORT = "view_image_report"; # deal with reported images
|
public const VIEW_IMAGE_REPORT = "view_image_report"; # deal with reported images
|
||||||
|
|
||||||
|
public const WIKI_ADMIN = "wiki_admin";
|
||||||
public const EDIT_WIKI_PAGE = "edit_wiki_page";
|
public const EDIT_WIKI_PAGE = "edit_wiki_page";
|
||||||
public const DELETE_WIKI_PAGE = "delete_wiki_page";
|
public const DELETE_WIKI_PAGE = "delete_wiki_page";
|
||||||
|
|
||||||
@ -66,4 +67,17 @@ abstract class Permissions
|
|||||||
public const VIEW_TRASH = "view_trash";
|
public const VIEW_TRASH = "view_trash";
|
||||||
|
|
||||||
public const PERFORM_BULK_ACTIONS = "perform_bulk_actions";
|
public const PERFORM_BULK_ACTIONS = "perform_bulk_actions";
|
||||||
|
|
||||||
|
public const BULK_ADD = "bulk_add";
|
||||||
|
public const EDIT_FILES = "edit_files";
|
||||||
|
public const EDIT_TAG_CATEGORIES = "edit_tag_categories";
|
||||||
|
public const RESCAN_MEDIA = "rescan_media";
|
||||||
|
public const SEE_IMAGE_VIEW_COUNTS = "see_image_view_counts";
|
||||||
|
|
||||||
|
public const ARTISTS_ADMIN = "artists_admin";
|
||||||
|
public const BLOTTER_ADMIN = "blotter_admin";
|
||||||
|
public const FORUM_ADMIN = "forum_admin";
|
||||||
|
public const NOTES_ADMIN = "notes_admin";
|
||||||
|
public const POOLS_ADMIN = "pools_admin";
|
||||||
|
public const TIPS_ADMIN = "tips_admin";
|
||||||
}
|
}
|
||||||
|
|||||||
@ -144,11 +144,6 @@ class User
|
|||||||
return ($this->id !== $config->get_int('anon_id'));
|
return ($this->id !== $config->get_int('anon_id'));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function is_admin(): bool
|
|
||||||
{
|
|
||||||
return ($this->class->name === "admin");
|
|
||||||
}
|
|
||||||
|
|
||||||
public function set_class(string $class): void
|
public function set_class(string $class): void
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|||||||
@ -112,6 +112,7 @@ new UserClass("base", null, [
|
|||||||
Permissions::CREATE_IMAGE_REPORT => false,
|
Permissions::CREATE_IMAGE_REPORT => false,
|
||||||
Permissions::VIEW_IMAGE_REPORT => false, # deal with reported images
|
Permissions::VIEW_IMAGE_REPORT => false, # deal with reported images
|
||||||
|
|
||||||
|
Permissions::WIKI_ADMIN => false,
|
||||||
Permissions::EDIT_WIKI_PAGE => false,
|
Permissions::EDIT_WIKI_PAGE => false,
|
||||||
Permissions::DELETE_WIKI_PAGE => false,
|
Permissions::DELETE_WIKI_PAGE => false,
|
||||||
|
|
||||||
@ -136,6 +137,19 @@ new UserClass("base", null, [
|
|||||||
Permissions::VIEW_TRASH => false,
|
Permissions::VIEW_TRASH => false,
|
||||||
|
|
||||||
Permissions::PERFORM_BULK_ACTIONS => false,
|
Permissions::PERFORM_BULK_ACTIONS => false,
|
||||||
|
|
||||||
|
Permissions::BULK_ADD => false,
|
||||||
|
Permissions::EDIT_FILES => false,
|
||||||
|
Permissions::EDIT_TAG_CATEGORIES => false,
|
||||||
|
Permissions::RESCAN_MEDIA => false,
|
||||||
|
Permissions::SEE_IMAGE_VIEW_COUNTS => false,
|
||||||
|
|
||||||
|
Permissions::ARTISTS_ADMIN => false,
|
||||||
|
Permissions::BLOTTER_ADMIN => false,
|
||||||
|
Permissions::FORUM_ADMIN => false,
|
||||||
|
Permissions::NOTES_ADMIN => false,
|
||||||
|
Permissions::POOLS_ADMIN => false,
|
||||||
|
Permissions::TIPS_ADMIN => false,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
new UserClass("anonymous", "base", [
|
new UserClass("anonymous", "base", [
|
||||||
@ -183,6 +197,7 @@ new UserClass("admin", "base", [
|
|||||||
Permissions::MASS_TAG_EDIT => true,
|
Permissions::MASS_TAG_EDIT => true,
|
||||||
Permissions::CREATE_IMAGE_REPORT => true,
|
Permissions::CREATE_IMAGE_REPORT => true,
|
||||||
Permissions::VIEW_IMAGE_REPORT => true,
|
Permissions::VIEW_IMAGE_REPORT => true,
|
||||||
|
Permissions::WIKI_ADMIN => true,
|
||||||
Permissions::EDIT_WIKI_PAGE => true,
|
Permissions::EDIT_WIKI_PAGE => true,
|
||||||
Permissions::DELETE_WIKI_PAGE => true,
|
Permissions::DELETE_WIKI_PAGE => true,
|
||||||
Permissions::VIEW_EVENTLOG => true,
|
Permissions::VIEW_EVENTLOG => true,
|
||||||
@ -200,6 +215,17 @@ new UserClass("admin", "base", [
|
|||||||
Permissions::BULK_EDIT_IMAGE_RATING => true,
|
Permissions::BULK_EDIT_IMAGE_RATING => true,
|
||||||
Permissions::VIEW_TRASH => true,
|
Permissions::VIEW_TRASH => true,
|
||||||
Permissions::PERFORM_BULK_ACTIONS => true,
|
Permissions::PERFORM_BULK_ACTIONS => true,
|
||||||
|
Permissions::BULK_ADD => true,
|
||||||
|
Permissions::EDIT_FILES => true,
|
||||||
|
Permissions::EDIT_TAG_CATEGORIES => true,
|
||||||
|
Permissions::RESCAN_MEDIA => true,
|
||||||
|
Permissions::SEE_IMAGE_VIEW_COUNTS => true,
|
||||||
|
Permissions::ARTISTS_ADMIN => true,
|
||||||
|
Permissions::BLOTTER_ADMIN => true,
|
||||||
|
Permissions::FORUM_ADMIN => true,
|
||||||
|
Permissions::NOTES_ADMIN => true,
|
||||||
|
Permissions::POOLS_ADMIN => true,
|
||||||
|
Permissions::TIPS_ADMIN => true,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
new UserClass("hellbanned", "user", [
|
new UserClass("hellbanned", "user", [
|
||||||
|
|||||||
@ -204,7 +204,7 @@ class Artists extends Extension
|
|||||||
$urls = $this->get_urls($artist['id']);
|
$urls = $this->get_urls($artist['id']);
|
||||||
|
|
||||||
$userIsLogged = !$user->is_anonymous();
|
$userIsLogged = !$user->is_anonymous();
|
||||||
$userIsAdmin = $user->is_admin();
|
$userIsAdmin = $user->can(Permissions::ARTISTS_ADMIN);
|
||||||
|
|
||||||
$images = Image::find_images(0, 4, Tag::explode($artist['name']));
|
$images = Image::find_images(0, 4, Tag::explode($artist['name']));
|
||||||
|
|
||||||
@ -231,7 +231,7 @@ class Artists extends Extension
|
|||||||
if (!$user->is_anonymous()) {
|
if (!$user->is_anonymous()) {
|
||||||
$this->theme->show_artist_editor($artist, $aliases, $members, $urls);
|
$this->theme->show_artist_editor($artist, $aliases, $members, $urls);
|
||||||
|
|
||||||
$userIsAdmin = $user->is_admin();
|
$userIsAdmin = $user->can(Permissions::ARTISTS_ADMIN);
|
||||||
$this->theme->sidebar_options("editor", $artistID, $userIsAdmin);
|
$this->theme->sidebar_options("editor", $artistID, $userIsAdmin);
|
||||||
} else {
|
} else {
|
||||||
$this->theme->display_error(401, "Error", "You must be registered and logged in to edit an artist.");
|
$this->theme->display_error(401, "Error", "You must be registered and logged in to edit an artist.");
|
||||||
|
|||||||
@ -216,7 +216,7 @@ class ArtistsTheme extends Themelet
|
|||||||
if (!$user->is_anonymous()) {
|
if (!$user->is_anonymous()) {
|
||||||
$html .= "<td>".$edit_link."</td>";
|
$html .= "<td>".$edit_link."</td>";
|
||||||
}
|
}
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::ARTISTS_ADMIN)) {
|
||||||
$html .= "<td>".$del_link."</td>";
|
$html .= "<td>".$del_link."</td>";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -52,7 +52,7 @@ class Blotter extends Extension
|
|||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
if ($event->parent==="system") {
|
if ($event->parent==="system") {
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::BLOTTER_ADMIN)) {
|
||||||
$event->add_nav_link("blotter", new Link('blotter/editor'), "Blotter Editor");
|
$event->add_nav_link("blotter", new Link('blotter/editor'), "Blotter Editor");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -62,7 +62,7 @@ class Blotter extends Extension
|
|||||||
public function onUserBlockBuilding(UserBlockBuildingEvent $event)
|
public function onUserBlockBuilding(UserBlockBuildingEvent $event)
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::BLOTTER_ADMIN)) {
|
||||||
$event->add_link("Blotter Editor", make_link("blotter/editor"));
|
$event->add_link("Blotter Editor", make_link("blotter/editor"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -76,7 +76,7 @@ class Blotter extends Extension
|
|||||||
/**
|
/**
|
||||||
* Displays the blotter editor.
|
* Displays the blotter editor.
|
||||||
*/
|
*/
|
||||||
if (!$user->is_admin()) {
|
if (!$user->can(Permissions::BLOTTER_ADMIN)) {
|
||||||
$this->theme->display_permission_denied();
|
$this->theme->display_permission_denied();
|
||||||
} else {
|
} else {
|
||||||
$entries = $database->get_all("SELECT * FROM blotter ORDER BY id DESC");
|
$entries = $database->get_all("SELECT * FROM blotter ORDER BY id DESC");
|
||||||
@ -87,7 +87,7 @@ class Blotter extends Extension
|
|||||||
/**
|
/**
|
||||||
* Adds an entry
|
* Adds an entry
|
||||||
*/
|
*/
|
||||||
if (!$user->is_admin() || !$user->check_auth_token()) {
|
if (!$user->can(Permissions::BLOTTER_ADMIN) || !$user->check_auth_token()) {
|
||||||
$this->theme->display_permission_denied();
|
$this->theme->display_permission_denied();
|
||||||
} else {
|
} else {
|
||||||
$entry_text = $_POST['entry_text'];
|
$entry_text = $_POST['entry_text'];
|
||||||
@ -113,7 +113,7 @@ class Blotter extends Extension
|
|||||||
/**
|
/**
|
||||||
* Removes an entry
|
* Removes an entry
|
||||||
*/
|
*/
|
||||||
if (!$user->is_admin() || !$user->check_auth_token()) {
|
if (!$user->can(Permissions::BLOTTER_ADMIN) || !$user->check_auth_token()) {
|
||||||
$this->theme->display_permission_denied();
|
$this->theme->display_permission_denied();
|
||||||
} else {
|
} else {
|
||||||
$id = int_escape($_POST['id']);
|
$id = int_escape($_POST['id']);
|
||||||
|
|||||||
@ -18,7 +18,7 @@ class BulkAdd extends Extension
|
|||||||
{
|
{
|
||||||
global $page, $user;
|
global $page, $user;
|
||||||
if ($event->page_matches("bulk_add")) {
|
if ($event->page_matches("bulk_add")) {
|
||||||
if ($user->is_admin() && $user->check_auth_token() && isset($_POST['dir'])) {
|
if ($user->can(Permissions::BULK_ADD) && $user->check_auth_token() && isset($_POST['dir'])) {
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
$bae = new BulkAddEvent($_POST['dir']);
|
$bae = new BulkAddEvent($_POST['dir']);
|
||||||
send_event($bae);
|
send_event($bae);
|
||||||
|
|||||||
@ -6,7 +6,7 @@ class BulkAddCSV extends Extension
|
|||||||
{
|
{
|
||||||
global $page, $user;
|
global $page, $user;
|
||||||
if ($event->page_matches("bulk_add_csv")) {
|
if ($event->page_matches("bulk_add_csv")) {
|
||||||
if ($user->is_admin() && $user->check_auth_token() && isset($_POST['csv'])) {
|
if ($user->can(Permissions::BULK_ADD) && $user->check_auth_token() && isset($_POST['csv'])) {
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
$this->add_csv($_POST['csv']);
|
$this->add_csv($_POST['csv']);
|
||||||
$this->theme->display_upload_results($page);
|
$this->theme->display_upload_results($page);
|
||||||
@ -24,7 +24,7 @@ class BulkAddCSV extends Extension
|
|||||||
global $user;
|
global $user;
|
||||||
|
|
||||||
//Nag until CLI is admin by default
|
//Nag until CLI is admin by default
|
||||||
if (!$user->is_admin()) {
|
if (!$user->can(Permissions::BULK_ADD)) {
|
||||||
print "Not running as an admin, which can cause problems.\n";
|
print "Not running as an admin, which can cause problems.\n";
|
||||||
print "Please add the parameter: -u admin_username";
|
print "Please add the parameter: -u admin_username";
|
||||||
} elseif (count($event->args) == 1) {
|
} elseif (count($event->args) == 1) {
|
||||||
|
|||||||
@ -7,7 +7,7 @@ class BulkRemove extends Extension
|
|||||||
public function onPageRequest(PageRequestEvent $event)
|
public function onPageRequest(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
if ($event->page_matches("bulk_remove") && $user->is_admin() && $user->check_auth_token()) {
|
if ($event->page_matches("bulk_remove") && $user->can(Permissions::BULK_ADD) && $user->check_auth_token()) {
|
||||||
if ($event->get_arg(0) == "confirm") {
|
if ($event->get_arg(0) == "confirm") {
|
||||||
$this->do_bulk_remove();
|
$this->do_bulk_remove();
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@ -65,7 +65,7 @@ class CronUploader extends Extension
|
|||||||
flock($lockfile, LOCK_UN);
|
flock($lockfile, LOCK_UN);
|
||||||
fclose($lockfile);
|
fclose($lockfile);
|
||||||
}
|
}
|
||||||
} elseif ($user->is_admin()) {
|
} elseif ($user->can(Permissions::BULK_ADD)) {
|
||||||
$this->set_dir();
|
$this->set_dir();
|
||||||
$this->display_documentation();
|
$this->display_documentation();
|
||||||
}
|
}
|
||||||
|
|||||||
@ -89,7 +89,7 @@ class Forum extends Extension
|
|||||||
if ($event->page_matches("forum")) {
|
if ($event->page_matches("forum")) {
|
||||||
switch ($event->get_arg(0)) {
|
switch ($event->get_arg(0)) {
|
||||||
case "index":
|
case "index":
|
||||||
$this->show_last_threads($page, $event, $user->is_admin());
|
$this->show_last_threads($page, $event, $user->can(Permissions::FORUM_ADMIN));
|
||||||
if (!$user->is_anonymous()) {
|
if (!$user->is_anonymous()) {
|
||||||
$this->theme->display_new_thread_composer($page);
|
$this->theme->display_new_thread_composer($page);
|
||||||
}
|
}
|
||||||
@ -104,8 +104,8 @@ class Forum extends Extension
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->show_posts($event, $user->is_admin());
|
$this->show_posts($event, $user->can(Permissions::FORUM_ADMIN));
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::FORUM_ADMIN)) {
|
||||||
$this->theme->add_actions_block($page, $threadID);
|
$this->theme->add_actions_block($page, $threadID);
|
||||||
}
|
}
|
||||||
if (!$user->is_anonymous()) {
|
if (!$user->is_anonymous()) {
|
||||||
@ -139,7 +139,7 @@ class Forum extends Extension
|
|||||||
$threadID = int_escape($event->get_arg(1));
|
$threadID = int_escape($event->get_arg(1));
|
||||||
$postID = int_escape($event->get_arg(2));
|
$postID = int_escape($event->get_arg(2));
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::FORUM_ADMIN)) {
|
||||||
$this->delete_post($postID);
|
$this->delete_post($postID);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -149,7 +149,7 @@ class Forum extends Extension
|
|||||||
case "nuke":
|
case "nuke":
|
||||||
$threadID = int_escape($event->get_arg(1));
|
$threadID = int_escape($event->get_arg(1));
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::FORUM_ADMIN)) {
|
||||||
$this->delete_thread($threadID);
|
$this->delete_thread($threadID);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -38,7 +38,7 @@ class ForumTheme extends Themelet
|
|||||||
<tr><td>Title:</td><td><input type='text' name='title' value='$threadTitle'></td></tr>
|
<tr><td>Title:</td><td><input type='text' name='title' value='$threadTitle'></td></tr>
|
||||||
<tr><td>Message:</td><td><textarea id='message' name='message' >$threadText</textarea></td></tr>
|
<tr><td>Message:</td><td><textarea id='message' name='message' >$threadText</textarea></td></tr>
|
||||||
<tr><td></td><td><small>Max characters alowed: $max_characters.</small></td></tr>";
|
<tr><td></td><td><small>Max characters alowed: $max_characters.</small></td></tr>";
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::FORUM_ADMIN)) {
|
||||||
$html .= "<tr><td colspan='2'><label for='sticky'>Sticky:</label><input name='sticky' id='sticky' type='checkbox' value='Y' /></td></tr>";
|
$html .= "<tr><td colspan='2'><label for='sticky'>Sticky:</label><input name='sticky' id='sticky' type='checkbox' value='Y' /></td></tr>";
|
||||||
}
|
}
|
||||||
$html .= "<tr><td colspan='2'><input type='submit' value='Submit' /></td></tr>
|
$html .= "<tr><td colspan='2'><input type='submit' value='Submit' /></td></tr>
|
||||||
@ -121,7 +121,7 @@ class ForumTheme extends Themelet
|
|||||||
|
|
||||||
$postID = $post['id'];
|
$postID = $post['id'];
|
||||||
|
|
||||||
//if($user->is_admin()){
|
//if($user->can(Permissions::FORUM_ADMIN)){
|
||||||
//$delete_link = "<a href=".make_link("forum/delete/".$threadID."/".$postID).">Delete</a>";
|
//$delete_link = "<a href=".make_link("forum/delete/".$threadID."/".$postID).">Delete</a>";
|
||||||
//} else {
|
//} else {
|
||||||
//$delete_link = "";
|
//$delete_link = "";
|
||||||
|
|||||||
@ -26,7 +26,7 @@ class ImageViewCounter extends Extension
|
|||||||
global $user, $config;
|
global $user, $config;
|
||||||
|
|
||||||
$adminonly = $config->get_bool("image_viewcounter_adminonly"); // todo
|
$adminonly = $config->get_bool("image_viewcounter_adminonly"); // todo
|
||||||
if ($adminonly == false || ($adminonly && $user->is_admin())) {
|
if ($adminonly == false || ($adminonly && $user->can(Permissions::SEE_IMAGE_VIEW_COUNTS))) {
|
||||||
$event->add_part(
|
$event->add_part(
|
||||||
"<tr><th>Views:</th><td>".
|
"<tr><th>Views:</th><td>".
|
||||||
$this->get_view_count($event->image->id) .
|
$this->get_view_count($event->image->id) .
|
||||||
|
|||||||
@ -253,7 +253,7 @@ class Media extends Extension
|
|||||||
{
|
{
|
||||||
global $database, $page, $user;
|
global $database, $page, $user;
|
||||||
|
|
||||||
if ($event->page_matches("media_rescan/") && $user->is_admin() && isset($_POST['image_id'])) {
|
if ($event->page_matches("media_rescan/") && $user->can(Permissions::RESCAN_MEDIA) && isset($_POST['image_id'])) {
|
||||||
$image = Image::by_id(int_escape($_POST['image_id']));
|
$image = Image::by_id(int_escape($_POST['image_id']));
|
||||||
|
|
||||||
$this->update_image_media_properties($image->hash, $image->ext);
|
$this->update_image_media_properties($image->hash, $image->ext);
|
||||||
@ -321,7 +321,7 @@ class Media extends Extension
|
|||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::RESCAN_MEDIA)) {
|
||||||
$event->add_action("bulk_media_rescan", "Scan Media Properties");
|
$event->add_action("bulk_media_rescan", "Scan Media Properties");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -332,7 +332,7 @@ class Media extends Extension
|
|||||||
|
|
||||||
switch ($event->action) {
|
switch ($event->action) {
|
||||||
case "bulk_media_rescan":
|
case "bulk_media_rescan":
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::RESCAN_MEDIA)) {
|
||||||
$total = 0;
|
$total = 0;
|
||||||
foreach ($event->items as $image) {
|
foreach ($event->items as $image) {
|
||||||
try {
|
try {
|
||||||
|
|||||||
@ -113,7 +113,7 @@ class Notes extends Extension
|
|||||||
$page->set_redirect(make_link("post/view/".$_POST["image_id"]));
|
$page->set_redirect(make_link("post/view/".$_POST["image_id"]));
|
||||||
break;
|
break;
|
||||||
case "nuke_notes":
|
case "nuke_notes":
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::NOTES_ADMIN)) {
|
||||||
$this->nuke_notes();
|
$this->nuke_notes();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -121,7 +121,7 @@ class Notes extends Extension
|
|||||||
$page->set_redirect(make_link("post/view/".$_POST["image_id"]));
|
$page->set_redirect(make_link("post/view/".$_POST["image_id"]));
|
||||||
break;
|
break;
|
||||||
case "nuke_requests":
|
case "nuke_requests":
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::NOTES_ADMIN)) {
|
||||||
$this->nuke_requests();
|
$this->nuke_requests();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -136,7 +136,7 @@ class Notes extends Extension
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case "delete_note":
|
case "delete_note":
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::NOTES_ADMIN)) {
|
||||||
$this->delete_note();
|
$this->delete_note();
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link("post/view/".$_POST["image_id"]));
|
$page->set_redirect(make_link("post/view/".$_POST["image_id"]));
|
||||||
@ -160,7 +160,7 @@ class Notes extends Extension
|
|||||||
|
|
||||||
//display form on image event
|
//display form on image event
|
||||||
$notes = $this->get_notes($event->image->id);
|
$notes = $this->get_notes($event->image->id);
|
||||||
$this->theme->display_note_system($page, $event->image->id, $notes, $user->is_admin());
|
$this->theme->display_note_system($page, $event->image->id, $notes, $user->can(Permissions::NOTES_ADMIN));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -173,7 +173,7 @@ class Notes extends Extension
|
|||||||
if (!$user->is_anonymous()) {
|
if (!$user->is_anonymous()) {
|
||||||
$event->add_part($this->theme->note_button($event->image->id));
|
$event->add_part($this->theme->note_button($event->image->id));
|
||||||
$event->add_part($this->theme->request_button($event->image->id));
|
$event->add_part($this->theme->request_button($event->image->id));
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::NOTES_ADMIN)) {
|
||||||
$event->add_part($this->theme->nuke_notes_button($event->image->id));
|
$event->add_part($this->theme->nuke_notes_button($event->image->id));
|
||||||
$event->add_part($this->theme->nuke_requests_button($event->image->id));
|
$event->add_part($this->theme->nuke_requests_button($event->image->id));
|
||||||
}
|
}
|
||||||
|
|||||||
@ -291,7 +291,7 @@ class Pools extends Extension
|
|||||||
case "nuke":
|
case "nuke":
|
||||||
// Completely remove the given pool.
|
// Completely remove the given pool.
|
||||||
// -> Only admins and owners may do this
|
// -> Only admins and owners may do this
|
||||||
if ($user->is_admin() || $user->id == $pool['user_id']) {
|
if ($user->can(Permissions::POOLS_ADMIN) || $user->id == $pool['user_id']) {
|
||||||
$this->nuke_pool($pool_id);
|
$this->nuke_pool($pool_id);
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link("pool/list"));
|
$page->set_redirect(make_link("pool/list"));
|
||||||
@ -351,7 +351,7 @@ class Pools extends Extension
|
|||||||
{
|
{
|
||||||
global $config, $database, $user;
|
global $config, $database, $user;
|
||||||
if ($config->get_bool(PoolsConfig::ADDER_ON_VIEW_IMAGE) && !$user->is_anonymous()) {
|
if ($config->get_bool(PoolsConfig::ADDER_ON_VIEW_IMAGE) && !$user->is_anonymous()) {
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::POOLS_ADMIN)) {
|
||||||
$pools = $database->get_all("SELECT * FROM pools");
|
$pools = $database->get_all("SELECT * FROM pools");
|
||||||
} else {
|
} else {
|
||||||
$pools = $database->get_all("SELECT * FROM pools WHERE user_id=:id", ["id" => $user->id]);
|
$pools = $database->get_all("SELECT * FROM pools WHERE user_id=:id", ["id" => $user->id]);
|
||||||
@ -479,7 +479,7 @@ class Pools extends Extension
|
|||||||
private function have_permission(User $user, array $pool): bool
|
private function have_permission(User $user, array $pool): bool
|
||||||
{
|
{
|
||||||
// If the pool is public and user is logged OR if the user is admin OR if the pool is owned by the user.
|
// If the pool is public and user is logged OR if the user is admin OR if the pool is owned by the user.
|
||||||
if ((($pool['public'] == "Y" || $pool['public'] == "y") && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
|
if ((($pool['public'] == "Y" || $pool['public'] == "y") && !$user->is_anonymous()) || $user->can(Permissions::POOLS_ADMIN) || $user->id == $pool['user_id']) {
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return false;
|
return false;
|
||||||
@ -887,7 +887,7 @@ class Pools extends Extension
|
|||||||
global $user, $database;
|
global $user, $database;
|
||||||
|
|
||||||
$p_id = $database->get_one("SELECT user_id FROM pools WHERE id = :pid", ["pid" => $poolID]);
|
$p_id = $database->get_one("SELECT user_id FROM pools WHERE id = :pid", ["pid" => $poolID]);
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::POOLS_ADMIN)) {
|
||||||
$database->execute("DELETE FROM pool_history WHERE pool_id = :pid", ["pid" => $poolID]);
|
$database->execute("DELETE FROM pool_history WHERE pool_id = :pid", ["pid" => $poolID]);
|
||||||
$database->execute("DELETE FROM pool_images WHERE pool_id = :pid", ["pid" => $poolID]);
|
$database->execute("DELETE FROM pool_images WHERE pool_id = :pid", ["pid" => $poolID]);
|
||||||
$database->execute("DELETE FROM pools WHERE id = :pid", ["pid" => $poolID]);
|
$database->execute("DELETE FROM pools WHERE id = :pid", ["pid" => $poolID]);
|
||||||
|
|||||||
@ -137,7 +137,7 @@ class PoolsTheme extends Themelet
|
|||||||
|
|
||||||
if (!is_null($pools) && count($pools) == 1) {
|
if (!is_null($pools) && count($pools) == 1) {
|
||||||
$pool = $pools[0];
|
$pool = $pools[0];
|
||||||
if ($pool['public'] == "Y" || $user->is_admin()) {// IF THE POOL IS PUBLIC OR IS ADMIN SHOW EDIT PANEL
|
if ($pool['public'] == "Y" || $user->can(Permissions::POOLS_ADMIN)) {// IF THE POOL IS PUBLIC OR IS ADMIN SHOW EDIT PANEL
|
||||||
if (!$user->is_anonymous()) {// IF THE USER IS REGISTERED AND LOGGED IN SHOW EDIT PANEL
|
if (!$user->is_anonymous()) {// IF THE USER IS REGISTERED AND LOGGED IN SHOW EDIT PANEL
|
||||||
$this->sidebar_options($page, $pool, $check_all);
|
$this->sidebar_options($page, $pool, $check_all);
|
||||||
}
|
}
|
||||||
@ -195,7 +195,7 @@ class PoolsTheme extends Themelet
|
|||||||
</form>
|
</form>
|
||||||
';
|
';
|
||||||
|
|
||||||
if ($user->id == $pool['user_id'] || $user->is_admin()) {
|
if ($user->id == $pool['user_id'] || $user->can(Permissions::POOLS_ADMIN)) {
|
||||||
$editor .= "
|
$editor .= "
|
||||||
<script type='text/javascript'>
|
<script type='text/javascript'>
|
||||||
<!--
|
<!--
|
||||||
|
|||||||
@ -187,7 +187,7 @@ class Ratings extends Extension
|
|||||||
// public function onPostListBuilding(PostListBuildingEvent $event)
|
// public function onPostListBuilding(PostListBuildingEvent $event)
|
||||||
// {
|
// {
|
||||||
// global $user;
|
// global $user;
|
||||||
// if ($user->is_admin() && !empty($event->search_terms)) {
|
// if ($user->can(Permissions::BULK_EDIT_IMAGE_RATING) && !empty($event->search_terms)) {
|
||||||
// $this->theme->display_bulk_rater(Tag::implode($event->search_terms));
|
// $this->theme->display_bulk_rater(Tag::implode($event->search_terms));
|
||||||
// }
|
// }
|
||||||
// }
|
// }
|
||||||
|
|||||||
@ -36,7 +36,7 @@ class ResizeImage extends Extension
|
|||||||
public function onImageAdminBlockBuilding(ImageAdminBlockBuildingEvent $event)
|
public function onImageAdminBlockBuilding(ImageAdminBlockBuildingEvent $event)
|
||||||
{
|
{
|
||||||
global $user, $config;
|
global $user, $config;
|
||||||
if ($user->is_admin() && $config->get_bool(ResizeConfig::ENABLED)
|
if ($user->can(Permissions::EDIT_FILES) && $config->get_bool(ResizeConfig::ENABLED)
|
||||||
&& $this->can_resize_format($event->image->ext, $event->image->lossless)) {
|
&& $this->can_resize_format($event->image->ext, $event->image->lossless)) {
|
||||||
/* Add a link to resize the image */
|
/* Add a link to resize the image */
|
||||||
$event->add_part($this->theme->get_resize_html($event->image));
|
$event->add_part($this->theme->get_resize_html($event->image));
|
||||||
@ -113,7 +113,7 @@ class ResizeImage extends Extension
|
|||||||
{
|
{
|
||||||
global $page, $user;
|
global $page, $user;
|
||||||
|
|
||||||
if ($event->page_matches("resize") && $user->is_admin()) {
|
if ($event->page_matches("resize") && $user->can(Permissions::EDIT_FILES)) {
|
||||||
// Try to get the image ID
|
// Try to get the image ID
|
||||||
$image_id = int_escape($event->get_arg(0));
|
$image_id = int_escape($event->get_arg(0));
|
||||||
if (empty($image_id)) {
|
if (empty($image_id)) {
|
||||||
|
|||||||
@ -31,7 +31,7 @@ class RotateImage extends Extension
|
|||||||
public function onImageAdminBlockBuilding(ImageAdminBlockBuildingEvent $event)
|
public function onImageAdminBlockBuilding(ImageAdminBlockBuildingEvent $event)
|
||||||
{
|
{
|
||||||
global $user, $config;
|
global $user, $config;
|
||||||
if ($user->is_admin() && $config->get_bool("rotate_enabled")
|
if ($user->can(Permissions::EDIT_FILES) && $config->get_bool("rotate_enabled")
|
||||||
&& in_array($event->image->ext, self::SUPPORTED_EXT)) {
|
&& in_array($event->image->ext, self::SUPPORTED_EXT)) {
|
||||||
/* Add a link to rotate the image */
|
/* Add a link to rotate the image */
|
||||||
$event->add_part($this->theme->get_rotate_html($event->image->id));
|
$event->add_part($this->theme->get_rotate_html($event->image->id));
|
||||||
@ -52,7 +52,7 @@ class RotateImage extends Extension
|
|||||||
{
|
{
|
||||||
global $page, $user;
|
global $page, $user;
|
||||||
|
|
||||||
if ($event->page_matches("rotate") && $user->is_admin()) {
|
if ($event->page_matches("rotate") && $user->can(Permissions::EDIT_FILES)) {
|
||||||
// Try to get the image ID
|
// Try to get the image ID
|
||||||
$image_id = int_escape($event->get_arg(0));
|
$image_id = int_escape($event->get_arg(0));
|
||||||
if (empty($image_id)) {
|
if (empty($image_id)) {
|
||||||
|
|||||||
@ -52,7 +52,7 @@ class TagCategories extends Extension
|
|||||||
global $page, $user;
|
global $page, $user;
|
||||||
|
|
||||||
if ($event->page_matches("tags/categories")) {
|
if ($event->page_matches("tags/categories")) {
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::EDIT_TAG_CATEGORIES)) {
|
||||||
$this->page_update();
|
$this->page_update();
|
||||||
$this->show_tag_categories($page);
|
$this->show_tag_categories($page);
|
||||||
}
|
}
|
||||||
@ -123,7 +123,7 @@ class TagCategories extends Extension
|
|||||||
{
|
{
|
||||||
global $user, $database;
|
global $user, $database;
|
||||||
|
|
||||||
if (!$user->is_admin()) {
|
if (!$user->can(Permissions::EDIT_TAG_CATEGORIES)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -32,7 +32,7 @@ class Tips extends Extension
|
|||||||
|
|
||||||
$this->getTip();
|
$this->getTip();
|
||||||
|
|
||||||
if ($event->page_matches("tips") && $user->is_admin()) {
|
if ($event->page_matches("tips") && $user->can(Permissions::TIPS_ADMIN)) {
|
||||||
switch ($event->get_arg(0)) {
|
switch ($event->get_arg(0)) {
|
||||||
case "list":
|
case "list":
|
||||||
$this->manageTips();
|
$this->manageTips();
|
||||||
@ -67,7 +67,7 @@ class Tips extends Extension
|
|||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
if ($event->parent==="system") {
|
if ($event->parent==="system") {
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::TIPS_ADMIN)) {
|
||||||
$event->add_nav_link("tips", new Link('tips/list'), "Tips Editor");
|
$event->add_nav_link("tips", new Link('tips/list'), "Tips Editor");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -76,7 +76,7 @@ class Tips extends Extension
|
|||||||
public function onUserBlockBuilding(UserBlockBuildingEvent $event)
|
public function onUserBlockBuilding(UserBlockBuildingEvent $event)
|
||||||
{
|
{
|
||||||
global $user;
|
global $user;
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::TIPS_ADMIN)) {
|
||||||
$event->add_link("Tips Editor", make_link("tips/list"));
|
$event->add_link("Tips Editor", make_link("tips/list"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -63,7 +63,7 @@ class TipsTheme extends Themelet
|
|||||||
"<th>Image</th>".
|
"<th>Image</th>".
|
||||||
"<th>Text</th>";
|
"<th>Text</th>";
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::TIPS_ADMIN)) {
|
||||||
$html .= "<th>Action</th>";
|
$html .= "<th>Action</th>";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -85,7 +85,7 @@ class TipsTheme extends Themelet
|
|||||||
|
|
||||||
$del_link = "<a href='".make_link("tips/delete/".$tip['id'])."'>Delete</a>";
|
$del_link = "<a href='".make_link("tips/delete/".$tip['id'])."'>Delete</a>";
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::TIPS_ADMIN)) {
|
||||||
$html .= "<td>".$del_link."</td>";
|
$html .= "<td>".$del_link."</td>";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -66,7 +66,7 @@ class TranscodeImage extends Extension
|
|||||||
{
|
{
|
||||||
global $user, $config;
|
global $user, $config;
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::EDIT_FILES)) {
|
||||||
$engine = $config->get_string(TranscodeConfig::ENGINE);
|
$engine = $config->get_string(TranscodeConfig::ENGINE);
|
||||||
if ($this->can_convert_format($engine, $event->image->ext, $event->image->lossless)) {
|
if ($this->can_convert_format($engine, $event->image->ext, $event->image->lossless)) {
|
||||||
$options = $this->get_supported_output_formats($engine, $event->image->ext, $event->image->lossless??false);
|
$options = $this->get_supported_output_formats($engine, $event->image->ext, $event->image->lossless??false);
|
||||||
@ -135,7 +135,7 @@ class TranscodeImage extends Extension
|
|||||||
{
|
{
|
||||||
global $page, $user;
|
global $page, $user;
|
||||||
|
|
||||||
if ($event->page_matches("transcode") && $user->is_admin()) {
|
if ($event->page_matches("transcode") && $user->can(Permissions::EDIT_FILES)) {
|
||||||
$image_id = int_escape($event->get_arg(0));
|
$image_id = int_escape($event->get_arg(0));
|
||||||
if (empty($image_id)) {
|
if (empty($image_id)) {
|
||||||
$image_id = isset($_POST['image_id']) ? int_escape($_POST['image_id']) : null;
|
$image_id = isset($_POST['image_id']) ? int_escape($_POST['image_id']) : null;
|
||||||
@ -168,7 +168,7 @@ class TranscodeImage extends Extension
|
|||||||
|
|
||||||
$engine = $config->get_string(TranscodeConfig::ENGINE);
|
$engine = $config->get_string(TranscodeConfig::ENGINE);
|
||||||
|
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::EDIT_FILES)) {
|
||||||
$event->add_action(self::ACTION_BULK_TRANSCODE, "Transcode", null, "", $this->theme->get_transcode_picker_html($this->get_supported_output_formats($engine)));
|
$event->add_action(self::ACTION_BULK_TRANSCODE, "Transcode", null, "", $this->theme->get_transcode_picker_html($this->get_supported_output_formats($engine)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -182,7 +182,7 @@ class TranscodeImage extends Extension
|
|||||||
if (!isset($_POST['transcode_format'])) {
|
if (!isset($_POST['transcode_format'])) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::EDIT_FILES)) {
|
||||||
$format = $_POST['transcode_format'];
|
$format = $_POST['transcode_format'];
|
||||||
$total = 0;
|
$total = 0;
|
||||||
foreach ($event->items as $image) {
|
foreach ($event->items as $image) {
|
||||||
|
|||||||
@ -28,7 +28,7 @@ class Update extends Extension
|
|||||||
public function onPageRequest(PageRequestEvent $event)
|
public function onPageRequest(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
global $user, $page;
|
global $user, $page;
|
||||||
if ($user->is_admin() && isset($_GET['sha'])) {
|
if ($user->can(Permissions::EDIT_FILES) && isset($_GET['sha'])) {
|
||||||
if ($event->page_matches("update/download")) {
|
if ($event->page_matches("update/download")) {
|
||||||
$ok = $this->download_shimmie();
|
$ok = $this->download_shimmie();
|
||||||
|
|
||||||
|
|||||||
@ -118,7 +118,7 @@ class Wiki extends Extension
|
|||||||
$title = $_POST['title'];
|
$title = $_POST['title'];
|
||||||
$rev = int_escape($_POST['revision']);
|
$rev = int_escape($_POST['revision']);
|
||||||
$body = $_POST['body'];
|
$body = $_POST['body'];
|
||||||
$lock = $user->is_admin() && isset($_POST['lock']) && ($_POST['lock'] == "on");
|
$lock = $user->can(Permissions::WIKI_ADMIN) && isset($_POST['lock']) && ($_POST['lock'] == "on");
|
||||||
|
|
||||||
if ($this->can_edit($user, $this->get_page($title))) {
|
if ($this->can_edit($user, $this->get_page($title))) {
|
||||||
$wikipage = $this->get_page($title);
|
$wikipage = $this->get_page($title);
|
||||||
@ -144,7 +144,7 @@ class Wiki extends Extension
|
|||||||
$this->theme->display_permission_denied();
|
$this->theme->display_permission_denied();
|
||||||
}
|
}
|
||||||
} elseif ($event->page_matches("wiki_admin/delete_revision")) {
|
} elseif ($event->page_matches("wiki_admin/delete_revision")) {
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::WIKI_ADMIN)) {
|
||||||
global $database;
|
global $database;
|
||||||
$database->Execute(
|
$database->Execute(
|
||||||
"DELETE FROM wiki_pages WHERE title=:title AND revision=:rev",
|
"DELETE FROM wiki_pages WHERE title=:title AND revision=:rev",
|
||||||
@ -155,7 +155,7 @@ class Wiki extends Extension
|
|||||||
$page->set_redirect(make_link("wiki/$u_title"));
|
$page->set_redirect(make_link("wiki/$u_title"));
|
||||||
}
|
}
|
||||||
} elseif ($event->page_matches("wiki_admin/delete_all")) {
|
} elseif ($event->page_matches("wiki_admin/delete_all")) {
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::WIKI_ADMIN)) {
|
||||||
global $database;
|
global $database;
|
||||||
$database->Execute(
|
$database->Execute(
|
||||||
"DELETE FROM wiki_pages WHERE title=:title",
|
"DELETE FROM wiki_pages WHERE title=:title",
|
||||||
@ -203,7 +203,7 @@ class Wiki extends Extension
|
|||||||
public static function can_edit(User $user, WikiPage $page): bool
|
public static function can_edit(User $user, WikiPage $page): bool
|
||||||
{
|
{
|
||||||
// admins can edit everything
|
// admins can edit everything
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::WIKI_ADMIN)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -21,7 +21,7 @@ class WikiTheme extends Themelet
|
|||||||
send_event($tfe);
|
send_event($tfe);
|
||||||
|
|
||||||
// only the admin can edit the sidebar
|
// only the admin can edit the sidebar
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::WIKI_ADMIN)) {
|
||||||
$tfe->formatted .= "<p>(<a href='".make_link("wiki/wiki:sidebar", "edit=on")."'>Edit</a>)";
|
$tfe->formatted .= "<p>(<a href='".make_link("wiki/wiki:sidebar", "edit=on")."'>Edit</a>)";
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -46,7 +46,7 @@ class WikiTheme extends Themelet
|
|||||||
$i_revision = int_escape($page->revision) + 1;
|
$i_revision = int_escape($page->revision) + 1;
|
||||||
|
|
||||||
global $user;
|
global $user;
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::WIKI_ADMIN)) {
|
||||||
$val = $page->is_locked() ? " checked" : "";
|
$val = $page->is_locked() ? " checked" : "";
|
||||||
$lock = "<br>Lock page: <input type='checkbox' name='lock'$val>";
|
$lock = "<br>Lock page: <input type='checkbox' name='lock'$val>";
|
||||||
} else {
|
} else {
|
||||||
@ -82,7 +82,7 @@ class WikiTheme extends Themelet
|
|||||||
</form></td>
|
</form></td>
|
||||||
" :
|
" :
|
||||||
"";
|
"";
|
||||||
if ($user->is_admin()) {
|
if ($user->can(Permissions::WIKI_ADMIN)) {
|
||||||
$edit .= "
|
$edit .= "
|
||||||
<td>".make_form(make_link("wiki_admin/delete_revision"))."
|
<td>".make_form(make_link("wiki_admin/delete_revision"))."
|
||||||
<input type='hidden' name='title' value='".html_escape($page->title)."'>
|
<input type='hidden' name='title' value='".html_escape($page->title)."'>
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user