Commit 03c6304e authored by Lukas Fleischer's avatar Lukas Fleischer

Rework permission handling



Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.

Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
parent 9e6b861b
...@@ -18,18 +18,14 @@ echo " <h2>".__("Accounts")."</h2>\n"; ...@@ -18,18 +18,14 @@ echo " <h2>".__("Accounts")."</h2>\n";
$action = in_request("Action"); $action = in_request("Action");
if (isset($_COOKIE["AURSID"])) { if (isset($_COOKIE["AURSID"])) {
# visitor is logged in
#
$atype = account_from_sid($_COOKIE["AURSID"]);
if ($action == "SearchAccounts") { if ($action == "SearchAccounts") {
# security check # security check
# #
if ($atype == "Trusted User" || $atype == "Developer") { if (has_credential(CRED_ACCOUNT_SEARCH)) {
# the user has entered search criteria, find any matching accounts # the user has entered search criteria, find any matching accounts
# #
search_results_page($atype, in_request("O"), in_request("SB"), search_results_page(in_request("O"), in_request("SB"),
in_request("U"), in_request("T"), in_request("S"), in_request("U"), in_request("T"), in_request("S"),
in_request("E"), in_request("R"), in_request("I"), in_request("E"), in_request("R"), in_request("I"),
in_request("K")); in_request("K"));
...@@ -48,8 +44,8 @@ if (isset($_COOKIE["AURSID"])) { ...@@ -48,8 +44,8 @@ if (isset($_COOKIE["AURSID"])) {
print __("Could not retrieve information for the specified user."); print __("Could not retrieve information for the specified user.");
} else { } else {
/* Verify user has permission to edit the account */ /* Verify user has permission to edit the account */
if (can_edit_account($atype, $row, uid_from_sid($_COOKIE["AURSID"]))) { if (can_edit_account($row)) {
display_account_form($atype, "UpdateAccount", $row["Username"], display_account_form("UpdateAccount", $row["Username"],
$row["AccountTypeID"], $row["Suspended"], $row["Email"], $row["AccountTypeID"], $row["Suspended"], $row["Email"],
"", "", $row["RealName"], $row["LangPreference"], "", "", $row["RealName"], $row["LangPreference"],
$row["IRCNick"], $row["PGPKey"], $row["IRCNick"], $row["PGPKey"],
...@@ -70,22 +66,20 @@ if (isset($_COOKIE["AURSID"])) { ...@@ -70,22 +66,20 @@ if (isset($_COOKIE["AURSID"])) {
} }
} elseif ($action == "UpdateAccount") { } elseif ($action == "UpdateAccount") {
$uid = uid_from_sid($_COOKIE['AURSID']);
/* Details for account being updated */ /* Details for account being updated */
$acctinfo = account_details(in_request('ID'), in_request('U')); $acctinfo = account_details(in_request('ID'), in_request('U'));
/* Verify user permissions and that the request is a valid POST */ /* Verify user permissions and that the request is a valid POST */
if (can_edit_account($atype, $acctinfo, $uid) && check_token()) { if (can_edit_account($acctinfo) && check_token()) {
/* Update the details for the existing account */ /* Update the details for the existing account */
process_account_form($atype, "edit", "UpdateAccount", process_account_form("edit", "UpdateAccount",
in_request("U"), in_request("T"), in_request("S"), in_request("U"), in_request("T"), in_request("S"),
in_request("E"), in_request("P"), in_request("C"), in_request("E"), in_request("P"), in_request("C"),
in_request("R"), in_request("L"), in_request("I"), in_request("R"), in_request("L"), in_request("I"),
in_request("K"), in_request("J"), in_request("ID")); in_request("K"), in_request("J"), in_request("ID"));
} }
} else { } else {
if ($atype == "Trusted User" || $atype == "Developer") { if (has_credential(CRED_ACCOUNT_SEARCH)) {
# display the search page if they're a TU/dev # display the search page if they're a TU/dev
# #
print __("Use this form to search existing accounts.")."<br />\n"; print __("Use this form to search existing accounts.")."<br />\n";
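Review bot: The comment `# display the search page if they're a TU/dev` in the final `else` branch now restates a policy that lives in `has_credential()`, so it will go stale as soon as the credential table changes. Something like `# display the search page if the user may search accounts` stays accurate. The `# security check` comment above the first `has_credential(CRED_ACCOUNT_SEARCH)` call could likewise name the credential being tested.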
......
...@@ -11,13 +11,10 @@ $title = __("Add Proposal"); ...@@ -11,13 +11,10 @@ $title = __("Add Proposal");
html_header($title); html_header($title);
if (isset($_COOKIE["AURSID"])) { if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]); $uid = uid_from_sid($_COOKIE["AURSID"]);
$uid = uid_from_sid($_COOKIE["AURSID"]);
} else {
$atype = "";
} }
if ($atype == "Trusted User" || $atype == "Developer") { if (has_credential(CRED_TU_ADD_VOTE)) {
if (!empty($_POST['addVote']) && !check_token()) { if (!empty($_POST['addVote']) && !check_token()) {
$error = __("Invalid token for user action."); $error = __("Invalid token for user action.");
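Review bot: `has_credential(CRED_TU_ADD_VOTE)` is narrower than the condition it replaces. The removed line admitted both "Trusted User" and "Developer", while the credential table added in this commit grants `CRED_TU_ADD_VOTE` to "Trusted User" only; the same holds for `CRED_TU_LIST_VOTES`, used in the proposal-listing page further down. The commit message describes a refactoring, so if dropping Developer access is intended it should be stated there; otherwise those cases need `|| $atype == 'Developer'`. Also, `$uid` is now assigned only when the cookie is present and nothing initialises it otherwise. That is safe only while every use stays inside the `has_credential()` branch, which continues outside this hunk.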
......
...@@ -35,13 +35,6 @@ if (isset($pkgname)) { ...@@ -35,13 +35,6 @@ if (isset($pkgname)) {
$title = __("Packages"); $title = __("Packages");
} }
# Retrieve account type
if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]);
} else {
$atype = "";
}
$details = array(); $details = array();
if (isset($pkgname)) { if (isset($pkgname)) {
$details = pkg_get_details($pkgid); $details = pkg_get_details($pkgid);
......
...@@ -32,13 +32,6 @@ if (!isset($base_id) || !isset($pkgbase_name)) { ...@@ -32,13 +32,6 @@ if (!isset($base_id) || !isset($pkgbase_name)) {
/* Set the title to package base name. */ /* Set the title to package base name. */
$title = $pkgbase_name; $title = $pkgbase_name;
/* Retrieve account type. */
if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]);
} else {
$atype = "";
}
/* Grab the list of package base IDs to be operated on. */ /* Grab the list of package base IDs to be operated on. */
$ids = array(); $ids = array();
if (isset($_POST['IDs'])) { if (isset($_POST['IDs'])) {
...@@ -55,29 +48,29 @@ $ret = false; ...@@ -55,29 +48,29 @@ $ret = false;
$output = ""; $output = "";
if (check_token()) { if (check_token()) {
if (current_action("do_Flag")) { if (current_action("do_Flag")) {
list($ret, $output) = pkgbase_flag($atype, $ids); list($ret, $output) = pkgbase_flag($ids);
} elseif (current_action("do_UnFlag")) { } elseif (current_action("do_UnFlag")) {
list($ret, $output) = pkgbase_unflag($atype, $ids); list($ret, $output) = pkgbase_unflag($ids);
} elseif (current_action("do_Adopt")) { } elseif (current_action("do_Adopt")) {
list($ret, $output) = pkgbase_adopt($atype, $ids, true, NULL); list($ret, $output) = pkgbase_adopt($ids, true, NULL);
} elseif (current_action("do_Disown")) { } elseif (current_action("do_Disown")) {
$via = isset($_POST['via']) ? $_POST['via'] : NULL; $via = isset($_POST['via']) ? $_POST['via'] : NULL;
list($ret, $output) = pkgbase_adopt($atype, $ids, false, $via); list($ret, $output) = pkgbase_adopt($ids, false, $via);
} elseif (current_action("do_Vote")) { } elseif (current_action("do_Vote")) {
list($ret, $output) = pkgbase_vote($atype, $ids, true); list($ret, $output) = pkgbase_vote($ids, true);
} elseif (current_action("do_UnVote")) { } elseif (current_action("do_UnVote")) {
list($ret, $output) = pkgbase_vote($atype, $ids, false); list($ret, $output) = pkgbase_vote($ids, false);
} elseif (current_action("do_Delete")) { } elseif (current_action("do_Delete")) {
if (isset($_POST['confirm_Delete'])) { if (isset($_POST['confirm_Delete'])) {
$via = isset($_POST['via']) ? $_POST['via'] : NULL; $via = isset($_POST['via']) ? $_POST['via'] : NULL;
if (!isset($_POST['merge_Into']) || empty($_POST['merge_Into'])) { if (!isset($_POST['merge_Into']) || empty($_POST['merge_Into'])) {
list($ret, $output) = pkgbase_delete($atype, $ids, NULL, $via); list($ret, $output) = pkgbase_delete($ids, NULL, $via);
unset($_GET['ID']); unset($_GET['ID']);
} }
else { else {
$merge_base_id = pkgbase_from_name($_POST['merge_Into']); $merge_base_id = pkgbase_from_name($_POST['merge_Into']);
if ($merge_base_id) { if ($merge_base_id) {
list($ret, $output) = pkgbase_delete($atype, $ids, $merge_base_id, $via); list($ret, $output) = pkgbase_delete($ids, $merge_base_id, $via);
unset($_GET['ID']); unset($_GET['ID']);
} else { } else {
$output = __("Cannot find package to merge votes and comments into."); $output = __("Cannot find package to merge votes and comments into.");
...@@ -90,13 +83,13 @@ if (check_token()) { ...@@ -90,13 +83,13 @@ if (check_token()) {
$ret = false; $ret = false;
} }
} elseif (current_action("do_Notify")) { } elseif (current_action("do_Notify")) {
list($ret, $output) = pkgbase_notify($atype, $ids); list($ret, $output) = pkgbase_notify($ids);
} elseif (current_action("do_UnNotify")) { } elseif (current_action("do_UnNotify")) {
list($ret, $output) = pkgbase_notify($atype, $ids, false); list($ret, $output) = pkgbase_notify($ids, false);
} elseif (current_action("do_DeleteComment")) { } elseif (current_action("do_DeleteComment")) {
list($ret, $output) = pkgbase_delete_comment($atype); list($ret, $output) = pkgbase_delete_comment();
} elseif (current_action("do_ChangeCategory")) { } elseif (current_action("do_ChangeCategory")) {
list($ret, $output) = pkgbase_change_category($base_id, $atype); list($ret, $output) = pkgbase_change_category($base_id);
} elseif (current_action("do_FileRequest")) { } elseif (current_action("do_FileRequest")) {
list($ret, $output) = pkgreq_file($ids, $_POST['type'], $_POST['merge_into'], $_POST['comments']); list($ret, $output) = pkgreq_file($ids, $_POST['type'], $_POST['merge_into'], $_POST['comments']);
} elseif (current_action("do_CloseRequest")) { } elseif (current_action("do_CloseRequest")) {
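Review bot: With `$atype` dropped from every `pkgbase_*()` call, this dispatcher no longer shows any authorisation state; the only guard visible here is `check_token()`, which protects against forged requests but says nothing about who may flag, adopt, disown or delete. The callees presumably call `has_credential()` themselves, but their bodies are not on this page, so that should be confirmed for each one, in particular `pkgbase_delete()`, `pkgbase_adopt()` and `pkgbase_delete_comment()`. A one-line comment above the `if (check_token())` block, such as `/* Permission checks are performed inside the pkgbase_*() functions. */`, would record that contract. The `if`/`elseif` chain continues past the end of the hunk.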
......
...@@ -10,13 +10,7 @@ check_sid(); ...@@ -10,13 +10,7 @@ check_sid();
html_header(__("Package Deletion")); html_header(__("Package Deletion"));
$atype = ""; if (has_credential(CRED_PKGBASE_DELETE)): ?>
if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]);
}
if ($atype == "Trusted User" || $atype == "Developer"): ?>
<div class="box"> <div class="box">
<h2><?= __('Delete Package: %s', htmlspecialchars($pkgbase_name)) ?></h2> <h2><?= __('Delete Package: %s', htmlspecialchars($pkgbase_name)) ?></h2>
<p> <p>
......
...@@ -10,13 +10,7 @@ check_sid(); ...@@ -10,13 +10,7 @@ check_sid();
html_header(__("Package Merging")); html_header(__("Package Merging"));
$atype = ""; if (has_credential(CRED_PKGBASE_DELETE)): ?>
if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]);
}
if ($atype == "Trusted User" || $atype == "Developer"): ?>
<div class="box"> <div class="box">
<h2><?= __('Merge Package: %s', htmlspecialchars($pkgbase_name)) ?></h2> <h2><?= __('Merge Package: %s', htmlspecialchars($pkgbase_name)) ?></h2>
<p> <p>
......
...@@ -16,7 +16,7 @@ if (isset($base_id)) { ...@@ -16,7 +16,7 @@ if (isset($base_id)) {
$pkgbase_name = pkgreq_get_pkgbase_name($pkgreq_id); $pkgbase_name = pkgreq_get_pkgbase_name($pkgreq_id);
include('pkgreq_close_form.php'); include('pkgreq_close_form.php');
} else { } else {
if (!check_user_privileges()) { if (!has_credential(CRED_PKGREQ_LIST)) {
header('Location: /'); header('Location: /');
exit(); exit();
} }
......
...@@ -14,12 +14,7 @@ html_header($title); ...@@ -14,12 +14,7 @@ html_header($title);
$pp = 10; $pp = 10;
$prev_Len = 75; $prev_Len = 75;
$atype = ""; if (has_credential(CRED_TU_LIST_VOTES)) {
if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]);
}
if ($atype == "Trusted User" || $atype == "Developer") {
if (isset($_GET['id'])) { if (isset($_GET['id'])) {
if (is_numeric($_GET['id'])) { if (is_numeric($_GET['id'])) {
...@@ -39,7 +34,7 @@ if ($atype == "Trusted User" || $atype == "Developer") { ...@@ -39,7 +34,7 @@ if ($atype == "Trusted User" || $atype == "Developer") {
if ($isrunning == 0) { if ($isrunning == 0) {
$canvote = 0; $canvote = 0;
$errorvote = __("Voting is closed for this proposal."); $errorvote = __("Voting is closed for this proposal.");
} else if ($atype == "Developer") { } else if (!has_credential(CRED_TU_VOTE)) {
$canvote = 0; $canvote = 0;
$errorvote = __("Only Trusted Users are allowed to vote."); $errorvote = __("Only Trusted Users are allowed to vote.");
} else if ($row['User'] == username_from_sid($_COOKIE["AURSID"])) { } else if ($row['User'] == username_from_sid($_COOKIE["AURSID"])) {
......
...@@ -6,11 +6,10 @@ include_once('pkgfuncs.inc.php'); ...@@ -6,11 +6,10 @@ include_once('pkgfuncs.inc.php');
$SID = $_COOKIE['AURSID']; $SID = $_COOKIE['AURSID'];
$pkgname = htmlspecialchars($_GET['N']); $pkgname = htmlspecialchars($_GET['N']);
$votes = pkgbase_votes_from_name($pkgname); $votes = pkgbase_votes_from_name($pkgname);
$atype = account_from_sid($SID);
html_header(__("Voters")); html_header(__("Voters"));
if ($atype == 'Trusted User' || $atype== 'Developer'): if (has_credential(CRED_PKGBASE_LIST_VOTERS)):
?> ?>
<div class="box"> <div class="box">
......
...@@ -42,7 +42,6 @@ function html_format_pgp_fingerprint($fingerprint) { ...@@ -42,7 +42,6 @@ function html_format_pgp_fingerprint($fingerprint) {
* Loads the account editing form, with any values that are already saved * Loads the account editing form, with any values that are already saved
* *
* @global array $SUPPORTED_LANGS Languages that are supported by the AUR * @global array $SUPPORTED_LANGS Languages that are supported by the AUR
* @param string $UTYPE User type of the account accessing the form
* @param string $A Form to use, either UpdateAccount or NewAccount * @param string $A Form to use, either UpdateAccount or NewAccount
* @param string $U The username to display * @param string $U The username to display
* @param string $T The account type of the displayed user * @param string $T The account type of the displayed user
...@@ -59,7 +58,7 @@ function html_format_pgp_fingerprint($fingerprint) { ...@@ -59,7 +58,7 @@ function html_format_pgp_fingerprint($fingerprint) {
* *
* @return void * @return void
*/ */
function display_account_form($UTYPE,$A,$U="",$T="",$S="", function display_account_form($A,$U="",$T="",$S="",
$E="",$P="",$C="",$R="",$L="",$I="",$K="",$J="", $UID=0) { $E="",$P="",$C="",$R="",$L="",$I="",$K="",$J="", $UID=0) {
global $SUPPORTED_LANGS; global $SUPPORTED_LANGS;
...@@ -71,7 +70,6 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="", ...@@ -71,7 +70,6 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="",
* Process information given to new/edit account form * Process information given to new/edit account form
* *
* @global array $SUPPORTED_LANGS Languages that are supported by the AUR * @global array $SUPPORTED_LANGS Languages that are supported by the AUR
* @param string $UTYPE The account type of the user modifying the account
* @param string $TYPE Either "edit" for editing or "new" for registering an account * @param string $TYPE Either "edit" for editing or "new" for registering an account
* @param string $A Form to use, either UpdateAccount or NewAccount * @param string $A Form to use, either UpdateAccount or NewAccount
* @param string $U The username for the account * @param string $U The username for the account
...@@ -89,7 +87,7 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="", ...@@ -89,7 +87,7 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="",
* *
* @return string|void Return void if successful, otherwise return error * @return string|void Return void if successful, otherwise return error
*/ */
function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",
$P="",$C="",$R="",$L="",$I="",$K="",$J="",$UID=0) { $P="",$C="",$R="",$L="",$I="",$K="",$J="",$UID=0) {
global $SUPPORTED_LANGS, $AUR_LOCATION; global $SUPPORTED_LANGS, $AUR_LOCATION;
...@@ -143,7 +141,8 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", ...@@ -143,7 +141,8 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
$error = __("The PGP key fingerprint is invalid."); $error = __("The PGP key fingerprint is invalid.");
} }
if (($UTYPE == "User" && $T > 1) || ($UTYPE == "Trusted User" && $T > 2)) { $atype = account_from_sid($_COOKIE['AURSID']);
if (($atype == "User" && $T > 1) || ($atype == "Trusted User" && $T > 2)) {
$error = __("Cannot increase account permissions."); $error = __("Cannot increase account permissions.");
} }
if (!$error && !array_key_exists($L, $SUPPORTED_LANGS)) { if (!$error && !array_key_exists($L, $SUPPORTED_LANGS)) {
...@@ -188,7 +187,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", ...@@ -188,7 +187,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
if ($error) { if ($error) {
print "<ul class='errorlist'><li>".$error."</li></ul>\n"; print "<ul class='errorlist'><li>".$error."</li></ul>\n";
display_account_form($UTYPE, $A, $U, $T, $S, $E, "", "", display_account_form($A, $U, $T, $S, $E, "", "",
$R, $L, $I, $K, $J, $UID); $R, $L, $I, $K, $J, $UID);
return; return;
} }
...@@ -299,7 +298,6 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", ...@@ -299,7 +298,6 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
/** /**
* Display the search results page * Display the search results page
* *
* @param string $UTYPE User type of the account accessing the form
* @param string $O The offset for the results page * @param string $O The offset for the results page
* @param string $SB The column to sort the results page by * @param string $SB The column to sort the results page by
* @param string $U The username search criteria * @param string $U The username search criteria
...@@ -312,7 +310,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", ...@@ -312,7 +310,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
* *
* @return void * @return void
*/ */
function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="", function search_results_page($O=0,$SB="",$U="",$T="",
$S="",$E="",$R="",$I="",$K="") { $S="",$E="",$R="",$I="",$K="") {
$HITS_PER_PAGE = 50; $HITS_PER_PAGE = 50;
...@@ -1098,28 +1096,15 @@ function cast_proposal_vote($voteid, $uid, $vote, $newtotal) { ...@@ -1098,28 +1096,15 @@ function cast_proposal_vote($voteid, $uid, $vote, $newtotal) {
/** /**
* Verify a user has the proper permissions to edit an account * Verify a user has the proper permissions to edit an account
* *
* @param string $atype Account type of the editing user
* @param array $acctinfo User account information for edited account * @param array $acctinfo User account information for edited account
* @param int $uid User ID of the editing user
* *
* @return bool True if permission to edit the account, otherwise false * @return bool True if permission to edit the account, otherwise false
*/ */
function can_edit_account($atype, $acctinfo, $uid) { function can_edit_account($acctinfo) {
/* Developers can edit any account */ if ($acctinfo['AccountType'] == 'Developer') {
if ($atype == 'Developer') { return has_credential(CRED_ACCOUNT_EDIT_DEV);
return true;
}
/* Trusted Users can edit all accounts except Developer accounts */
if ($atype == 'Trusted User' &&
$acctinfo['AccountType'] != 'Developer') {
return true;
} }
/* Users can edit only their own account */ $uid = uid_from_sid($_COOKIE['AURSID']);
if ($acctinfo['ID'] == $uid) { return has_credential(CRED_ACCOUNT_EDIT, array($uid));
return true;
}
return false;
} }
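Review bot: In the new `can_edit_account()`, the whitelist passed to `has_credential()` is built from the requester's own session (`$uid = uid_from_sid($_COOKIE['AURSID'])`). `has_credential()` then compares that list against the same session uid, so the check passes for every requester, and the removed rule that users can edit only their own account (`$acctinfo['ID'] == $uid`) is lost for all non-Developer targets. The whitelist should name the account being edited, `return has_credential(CRED_ACCOUNT_EDIT, array($acctinfo['ID']));`, which also makes the `$uid` lookup unnecessary. Both the edit form and the `UpdateAccount` path in the accounts page depend on this function, so a regression test in which an ordinary user tries to edit another user's account is worth adding.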
...@@ -16,6 +16,7 @@ include_once("routing.inc.php"); ...@@ -16,6 +16,7 @@ include_once("routing.inc.php");
include_once("version.inc.php"); include_once("version.inc.php");
include_once("acctfuncs.inc.php"); include_once("acctfuncs.inc.php");
include_once("cachefuncs.inc.php"); include_once("cachefuncs.inc.php");
include_once("credentials.inc.php");
/** /**
* Check if a visitor is logged in * Check if a visitor is logged in
...@@ -406,16 +407,6 @@ function uid_from_email($email) { ...@@ -406,16 +407,6 @@ function uid_from_email($email) {
return $row[0]; return $row[0];
} }
/**
* Determine if a user has TU or Developer privileges
*
* @return bool Return true if the user is a TU or developer, otherwise false
*/
function check_user_privileges() {
$type = account_from_sid($_COOKIE['AURSID']);
return ($type == 'Trusted User' || $type == 'Developer');
}
/** /**
* Generate clean url with edited/added user values * Generate clean url with edited/added user values
* *
......
<?php
include_once("config.inc.php");
define("CRED_ACCOUNT_CHANGE_TYPE", 1);
define("CRED_ACCOUNT_EDIT", 2);
define("CRED_ACCOUNT_EDIT_DEV", 3);
define("CRED_ACCOUNT_LAST_LOGIN", 4);
define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
define("CRED_PKGBASE_ADOPT", 7);
define("CRED_PKGBASE_CHANGE_CATEGORY", 8);
define("CRED_PKGBASE_DELETE", 9);
define("CRED_PKGBASE_DISOWN", 10);
define("CRED_PKGBASE_FLAG", 11);
define("CRED_PKGBASE_LIST_VOTERS", 12);
define("CRED_PKGBASE_NOTIFY", 13);
define("CRED_PKGBASE_SUBMIT_BLACKLISTED", 14);
define("CRED_PKGBASE_UNFLAG", 15);
define("CRED_PKGBASE_VOTE", 16);
define("CRED_PKGREQ_CLOSE", 17);
define("CRED_PKGREQ_LIST", 18);
define("CRED_TU_ADD_VOTE", 19);
define("CRED_TU_LIST_VOTES", 20);
define("CRED_TU_VOTE", 21);
/**
* Determine if a user has the permission to perform a given action
*
* @param int $credential The type of action to peform
* @param array $approved_users A user whitelist for this query
*
* @return bool Return true if the user has the permission, false if not
*/
function has_credential($credential, $approved_users=array()) {
if (!isset($_COOKIE['AURSID'])) {
return false;
}
$uid = uid_from_sid($_COOKIE['AURSID']);
if (in_array($uid, $approved_users)) {
return true;
}
$atype = account_from_sid($_COOKIE['AURSID']);
switch ($credential) {
case CRED_PKGBASE_FLAG:
case CRED_PKGBASE_NOTIFY:
case CRED_PKGBASE_VOTE:
return ($atype == 'User' || $atype == 'Trusted User' ||
$atype == 'Developer');
case CRED_ACCOUNT_CHANGE_TYPE:
case CRED_ACCOUNT_EDIT:
case CRED_ACCOUNT_LAST_LOGIN:
case CRED_ACCOUNT_SEARCH:
case CRED_COMMENT_DELETE:
case CRED_PKGBASE_ADOPT:
case CRED_PKGBASE_CHANGE_CATEGORY:
case CRED_PKGBASE_DELETE:
case CRED_PKGBASE_DISOWN:
case CRED_PKGBASE_LIST_VOTERS:
case CRED_PKGBASE_SUBMIT_BLACKLISTED:
case CRED_PKGBASE_UNFLAG:
case CRED_PKGREQ_CLOSE:
case CRED_PKGREQ_LIST:
return ($atype == 'Trusted User' || $atype == 'Developer');
case CRED_TU_ADD_VOTE:
case CRED_TU_LIST_VOTES:
case CRED_TU_VOTE:
return ($atype == 'Trusted User');
case CRED_ACCOUNT_EDIT_DEV:
return ($atype == 'Developer');
}
return false;
}
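Review bot: `has_credential()` never checks the result of `uid_from_sid()` before the whitelist test, and `in_array($uid, $approved_users)` compares loosely. `uid_from_sid()` is not shown on this page; if it returns an empty value for an unknown or expired session id, a caller-supplied list with an empty entry (for example an unset owner id) would match. The function would then return true before the account type is looked at. Rejecting an empty uid first closes that gap: `if (!$uid) { return false; }` directly after the lookup. The docblock should also say that a match in `$approved_users` bypasses the account-type rules entirely, and `peform` should read `perform`.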
...@@ -346,15 +346,14 @@ function pkgbase_maintainer_uid($base_id) { ...@@ -346,15 +346,14 @@ function pkgbase_maintainer_uid($base_id) {
* Flag package(s) as out-of-date * Flag package(s) as out-of-date
* *
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails * @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to flag/unflag * @param array $base_ids Array of package base IDs to flag/unflag
* *