From c33940f64a1e5b59afd700010247382f5b7b2df3 Mon Sep 17 00:00:00 2001 From: Igor Scheller Date: Mon, 12 Nov 2018 14:41:23 +0100 Subject: Moved permission checks to Authenticator class --- includes/pages/admin_free.php | 3 +-- includes/pages/admin_news.php | 5 ++--- includes/pages/admin_questions.php | 4 ++-- includes/pages/admin_user.php | 5 ++--- includes/pages/guest_login.php | 7 ++----- includes/pages/user_atom.php | 2 +- includes/pages/user_ical.php | 2 +- includes/pages/user_myshifts.php | 7 +++---- includes/pages/user_news.php | 11 +++++------ includes/pages/user_shifts.php | 6 +++--- 10 files changed, 22 insertions(+), 30 deletions(-) (limited to 'includes/pages') diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php index d8787f36..7b694659 100644 --- a/includes/pages/admin_free.php +++ b/includes/pages/admin_free.php @@ -17,7 +17,6 @@ function admin_free_title() */ function admin_free() { - global $privileges; $request = request(); $search = ''; @@ -88,7 +87,7 @@ function admin_free() 'dect' => $usr->contact->dect, 'email' => $usr->settings->email_human ? ($usr->contact->email ? $usr->contact->email : $usr->email) : glyph('eye-close'), 'actions' => - in_array('admin_user', $privileges) + auth()->can('admin_user') ? button(page_link_to('admin_user', ['id' => $usr->id]), __('edit'), 'btn-xs') : '' ]; diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 90aeb439..21245eb9 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -8,7 +8,6 @@ use Engelsystem\Models\User\User; */ function admin_news() { - global $privileges; $user = auth()->user(); $request = request(); @@ -32,7 +31,7 @@ function admin_news() case 'edit': $user_source = User::find($news['UID']); if ( - !in_array('admin_news_html', $privileges) + !auth()->can('admin_news_html') && strip_tags($news['Text']) != $news['Text'] ) { $html .= warning( @@ -62,7 +61,7 @@ function admin_news() case 'save': $text = $request->postData('eText'); - if (!in_array('admin_news_html', $privileges)) { + if (!auth()->can('admin_news_html')) { $text = strip_tags($text); } diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index 60df1ebf..0b5940cc 100644 --- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php @@ -18,10 +18,10 @@ function admin_questions_title() */ function admin_new_questions() { - global $privileges, $page; + global $page; if ($page != 'admin_questions') { - if (in_array('admin_questions', $privileges)) { + if (auth()->can('admin_questions')) { $new_messages = count(DB::select('SELECT `QID` FROM `Questions` WHERE `AID` IS NULL')); if ($new_messages > 0) { diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 3894e724..63993fc9 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -16,7 +16,6 @@ function admin_user_title() */ function admin_user() { - global $privileges; $user = auth()->user(); $tshirt_sizes = config('tshirt_sizes'); $request = request(); @@ -83,7 +82,7 @@ function admin_user() $html .= html_options('eAktiv', $options, $user_source->state->active) . '' . "\n"; // Aktiv erzwingen - if (in_array('admin_active', $privileges)) { + if (auth()->can('admin_active')) { $html .= ' ' . __('Force active') . '' . "\n"; $html .= html_options('force_active', $options, $user_source->state->force_active) . '' . "\n"; } @@ -249,7 +248,7 @@ function admin_user() case 'save': $force_active = $user->state->force_active; $user_source = User::find($user_id); - if (in_array('admin_active', $privileges)) { + if (auth()->can('admin_active')) { $force_active = $request->input('force_active'); } if ($user_source->settings->email_human) { diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index e1c6dfa4..2df09d79 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -39,7 +39,6 @@ function logout_title() */ function guest_register() { - global $privileges; $authUser = auth()->user(); $tshirt_sizes = config('tshirt_sizes'); $enable_tshirt_size = config('enable_tshirt_size'); @@ -71,7 +70,7 @@ function guest_register() } } - if (!in_array('register', $privileges) || (!$authUser && !config('registration_enabled'))) { + if (!auth()->can('register') || (!$authUser && !config('registration_enabled'))) { error(__('Registration is disabled.')); return page_with_title(register_title(), [ @@ -472,9 +471,7 @@ function guest_login() */ function get_register_hint() { - global $privileges; - - if (in_array('register', $privileges) && config('registration_enabled')) { + if (auth()->can('register') && config('registration_enabled')) { return join('', [ '

' . __('Please sign up, if you want to help us!') . '

', buttons([ diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index 6aafb74f..e624ceb4 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -17,7 +17,7 @@ function user_atom() if (empty($user)) { engelsystem_error('Key invalid.'); } - if (!in_array('atom', privileges_for_user($user->id))) { + if (!auth()->can('atom')) { engelsystem_error('No privilege for atom.'); } diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php index 8a80d681..ee3a8340 100644 --- a/includes/pages/user_ical.php +++ b/includes/pages/user_ical.php @@ -15,7 +15,7 @@ function user_ical() if (!$user) { engelsystem_error('Key invalid.'); } - if (!in_array('ical', privileges_for_user($user->id))) { + if (!auth()->can('ical')) { engelsystem_error('No privilege for ical.'); } diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index 1eab016d..11bbc9f4 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -18,13 +18,12 @@ function myshifts_title() */ function user_myshifts() { - global $privileges; $user = auth()->user(); $request = request(); if ( $request->has('id') - && in_array('user_shifts_admin', $privileges) + && auth()->can('user_shifts_admin') && preg_match('/^\d{1,}$/', $request->input('id')) && User::find($request->input('id')) ) { @@ -79,7 +78,7 @@ function user_myshifts() if ($request->hasPostData('submit')) { $valid = true; - if (in_array('user_shifts_admin', $privileges)) { + if (auth()->can('user_shifts_admin')) { $freeloaded = $request->has('freeloaded'); $freeload_comment = strip_request_item_nl('freeload_comment'); if ($freeloaded && $freeload_comment == '') { @@ -120,7 +119,7 @@ function user_myshifts() $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], - in_array('user_shifts_admin', $privileges) + auth()->can('user_shifts_admin') ); } else { redirect(page_link_to('user_myshifts')); diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index e101be6b..34be033f 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -91,7 +91,7 @@ function news_text($news) */ function display_news($news) { - global $privileges, $page; + global $page; $html = ''; $html .= '
'; @@ -101,7 +101,7 @@ function display_news($news) $html .= '
' . news_text($news) . '
'; $html .= '
'; - if (in_array('admin_news', $privileges)) { + if (auth()->can('admin_news')) { $html .= '
' . button_glyph( page_link_to('admin_news', ['action' => 'edit', 'id' => $news['ID']]), @@ -198,7 +198,6 @@ function user_news_comments() */ function user_news() { - global $privileges; $user = auth()->user(); $display_news = config('display_news'); $request = request(); @@ -206,13 +205,13 @@ function user_news() $html = '

' . news_title() . '

' . msg(); $isMeeting = $request->postData('treffen'); - if ($request->has('text') && $request->has('betreff') && in_array('admin_news', $privileges)) { + if ($request->has('text') && $request->has('betreff') && auth()->can('admin_news')) { if (!$request->has('treffen')) { $isMeeting = 0; } $text = $request->postData('text'); - if (!in_array('admin_news_html', $privileges)) { + if (!auth()->can('admin_news_html')) { $text = strip_tags($text); } @@ -266,7 +265,7 @@ function user_news() } $html .= '
'; - if (in_array('admin_news', $privileges)) { + if (auth()->can('admin_news')) { $html .= '
'; $html .= '

' . __('Create news:') . '

'; diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index cef6af73..942b8849 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -168,7 +168,7 @@ function load_types() */ function view_user_shifts() { - global $privileges, $ical_shifts; + global $ical_shifts; $user = auth()->user(); $session = session(); @@ -182,13 +182,13 @@ function view_user_shifts() $rooms[0]['id'] ]; $type_ids = array_map('get_ids_from_array', $types); - $shiftsFilter = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids); + $shiftsFilter = new ShiftsFilter(auth()->can('user_shifts_admin'), $room_ids, $type_ids); $session->set('shifts-filter', $shiftsFilter->sessionExport()); } $shiftsFilter = new ShiftsFilter(); $shiftsFilter->sessionImport($session->get('shifts-filter')); - update_ShiftsFilter($shiftsFilter, in_array('user_shifts_admin', $privileges), $days); + update_ShiftsFilter($shiftsFilter, auth()->can('user_shifts_admin'), $days); $session->set('shifts-filter', $shiftsFilter->sessionExport()); $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter); -- cgit v1.2.3-70-g09d2