authorLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 20:52:54 +0200
committerLukas Fleischer <archlinux@cryptocrack.de>2014-07-15 22:56:57 +0200
commit03c6304e19d5d3ecd276dd3f42220db301ab511d (patch)
tree25f58ac23290a9e57f6bd93f6b5c8986bd9fcbef /web/lib
parent9e6b861b6f40a90363c402b4d26602f33964cf41 (diff)
Rework permission handling
Add a new function has_credential() that checks whether the currently logged-in user is allowed to perform a given action. Moving all permission handling to this central place makes adding new user groups and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/acctfuncs.inc.php37
-rw-r--r--web/lib/aur.inc.php11
-rw-r--r--web/lib/credentials.inc.php76
-rw-r--r--web/lib/pkgbasefuncs.inc.php93
-rw-r--r--web/lib/pkgfuncs.inc.php36
-rw-r--r--web/lib/pkgreqfuncs.inc.php2
6 files changed, 134 insertions, 121 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 06d4311..e2e37b8 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -42,7 +42,6 @@ function html_format_pgp_fingerprint($fingerprint) {
* Loads the account editing form, with any values that are already saved
*
* @global array $SUPPORTED_LANGS Languages that are supported by the AUR
- * @param string $UTYPE User type of the account accessing the form
* @param string $A Form to use, either UpdateAccount or NewAccount
* @param string $U The username to display
* @param string $T The account type of the displayed user
@@ -59,7 +58,7 @@ function html_format_pgp_fingerprint($fingerprint) {
*
* @return void
*/
-function display_account_form($UTYPE,$A,$U="",$T="",$S="",
+function display_account_form($A,$U="",$T="",$S="",
$E="",$P="",$C="",$R="",$L="",$I="",$K="",$J="", $UID=0) {
global $SUPPORTED_LANGS;
@@ -71,7 +70,6 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="",
* Process information given to new/edit account form
*
* @global array $SUPPORTED_LANGS Languages that are supported by the AUR
- * @param string $UTYPE The account type of the user modifying the account
* @param string $TYPE Either "edit" for editing or "new" for registering an account
* @param string $A Form to use, either UpdateAccount or NewAccount
* @param string $U The username for the account
@@ -89,7 +87,7 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="",
*
* @return string|void Return void if successful, otherwise return error
*/
-function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
+function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",
$P="",$C="",$R="",$L="",$I="",$K="",$J="",$UID=0) {
global $SUPPORTED_LANGS, $AUR_LOCATION;
@@ -143,7 +141,8 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
$error = __("The PGP key fingerprint is invalid.");
}
- if (($UTYPE == "User" && $T > 1) || ($UTYPE == "Trusted User" && $T > 2)) {
+ $atype = account_from_sid($_COOKIE['AURSID']);
+ if (($atype == "User" && $T > 1) || ($atype == "Trusted User" && $T > 2)) {
$error = __("Cannot increase account permissions.");
}
if (!$error && !array_key_exists($L, $SUPPORTED_LANGS)) {
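Review bot: The new line `$atype = account_from_sid($_COOKIE['AURSID']);` reads the cookie without `isset()`, unlike has_credential(), which refuses when it is absent; on the NewAccount path with no session this emits a notice and leaves `$atype` matching neither comparison, so the "Cannot increase account permissions" check is an allow-unless-matched rule that passes silently for an unrecognised type (whether the caller already restricts `$T` for anonymous registration is not visible here). A deny-by-default form would be `if (($T > 1 && !has_credential(CRED_ACCOUNT_CHANGE_TYPE)) || ($T > 2 && !has_credential(CRED_ACCOUNT_EDIT_DEV)))`, which also gives the CRED_ACCOUNT_CHANGE_TYPE constant introduced by this commit a user, as nothing else in the diff references it; confirm that matches the intended policy before adopting it. The same unguarded `$_COOKIE["AURSID"]` read recurs in the pkgbase_unflag, pkgbase_adopt, pkgbase_delete_comment, pkgbase_change_category and can_delete_comment hunks and in can_edit_account. process_account_form's body continues outside the hunk.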
@@ -188,7 +187,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
if ($error) {
print "<ul class='errorlist'><li>".$error."</li></ul>\n";
- display_account_form($UTYPE, $A, $U, $T, $S, $E, "", "",
+ display_account_form($A, $U, $T, $S, $E, "", "",
$R, $L, $I, $K, $J, $UID);
return;
}
@@ -299,7 +298,6 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
/**
* Display the search results page
*
- * @param string $UTYPE User type of the account accessing the form
* @param string $O The offset for the results page
* @param string $SB The column to sort the results page by
* @param string $U The username search criteria
@@ -312,7 +310,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
*
* @return void
*/
-function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
+function search_results_page($O=0,$SB="",$U="",$T="",
$S="",$E="",$R="",$I="",$K="") {
$HITS_PER_PAGE = 50;
@@ -1098,28 +1096,15 @@ function cast_proposal_vote($voteid, $uid, $vote, $newtotal) {
/**
* Verify a user has the proper permissions to edit an account
*
- * @param string $atype Account type of the editing user
* @param array $acctinfo User account information for edited account
- * @param int $uid User ID of the editing user
*
* @return bool True if permission to edit the account, otherwise false
*/
-function can_edit_account($atype, $acctinfo, $uid) {
- /* Developers can edit any account */
- if ($atype == 'Developer') {
- return true;
- }
-
- /* Trusted Users can edit all accounts except Developer accounts */
- if ($atype == 'Trusted User' &&
- $acctinfo['AccountType'] != 'Developer') {
- return true;
+function can_edit_account($acctinfo) {
+ if ($acctinfo['AccountType'] == 'Developer') {
+ return has_credential(CRED_ACCOUNT_EDIT_DEV);
}
- /* Users can edit only their own account */
- if ($acctinfo['ID'] == $uid) {
- return true;
- }
-
- return false;
+ $uid = uid_from_sid($_COOKIE['AURSID']);
+ return has_credential(CRED_ACCOUNT_EDIT, array($uid));
}
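Review bot: can_edit_account() now whitelists the editing user's own ID rather than the edited account's: `$uid = uid_from_sid($_COOKIE['AURSID']);` is passed as `array($uid)` to has_credential(), whose first gate compares that same value against `uid_from_sid($_COOKIE['AURSID'])` again via in_array(), so the call succeeds for every logged-in user and any account of type User can edit any non-Developer account. The whitelist should carry the target account, `return has_credential(CRED_ACCOUNT_EDIT, array($acctinfo['ID']));`, with the local `$uid` lookup removed. The Developer branch above is unaffected because it passes no whitelist, and it is also the only path that still covers a Developer editing their own account, which is consistent with the old rules.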
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 7fa792b..82730bb 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -16,6 +16,7 @@ include_once("routing.inc.php");
include_once("version.inc.php");
include_once("acctfuncs.inc.php");
include_once("cachefuncs.inc.php");
+include_once("credentials.inc.php");
/**
* Check if a visitor is logged in
@@ -407,16 +408,6 @@ function uid_from_email($email) {
}
/**
- * Determine if a user has TU or Developer privileges
- *
- * @return bool Return true if the user is a TU or developer, otherwise false
- */
-function check_user_privileges() {
- $type = account_from_sid($_COOKIE['AURSID']);
- return ($type == 'Trusted User' || $type == 'Developer');
-}
-
-/**
* Generate clean url with edited/added user values
*
* Makes a clean string of variables for use in URLs based on current $_GET and
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
new file mode 100644
index 0000000..22068e4
--- /dev/null
+++ b/web/lib/credentials.inc.php
@@ -0,0 +1,76 @@
+<?php
+include_once("config.inc.php");
+
+define("CRED_ACCOUNT_CHANGE_TYPE", 1);
+define("CRED_ACCOUNT_EDIT", 2);
+define("CRED_ACCOUNT_EDIT_DEV", 3);
+define("CRED_ACCOUNT_LAST_LOGIN", 4);
+define("CRED_ACCOUNT_SEARCH", 5);
+define("CRED_COMMENT_DELETE", 6);
+define("CRED_PKGBASE_ADOPT", 7);
+define("CRED_PKGBASE_CHANGE_CATEGORY", 8);
+define("CRED_PKGBASE_DELETE", 9);
+define("CRED_PKGBASE_DISOWN", 10);
+define("CRED_PKGBASE_FLAG", 11);
+define("CRED_PKGBASE_LIST_VOTERS", 12);
+define("CRED_PKGBASE_NOTIFY", 13);
+define("CRED_PKGBASE_SUBMIT_BLACKLISTED", 14);
+define("CRED_PKGBASE_UNFLAG", 15);
+define("CRED_PKGBASE_VOTE", 16);
+define("CRED_PKGREQ_CLOSE", 17);
+define("CRED_PKGREQ_LIST", 18);
+define("CRED_TU_ADD_VOTE", 19);
+define("CRED_TU_LIST_VOTES", 20);
+define("CRED_TU_VOTE", 21);
+
+/**
+ * Determine if a user has the permission to perform a given action
+ *
+ * @param int $credential The type of action to peform
+ * @param array $approved_users A user whitelist for this query
+ *
+ * @return bool Return true if the user has the permission, false if not
+ */
+function has_credential($credential, $approved_users=array()) {
+ if (!isset($_COOKIE['AURSID'])) {
+ return false;
+ }
+
+ $uid = uid_from_sid($_COOKIE['AURSID']);
+ if (in_array($uid, $approved_users)) {
+ return true;
+ }
+
+ $atype = account_from_sid($_COOKIE['AURSID']);
+
+ switch ($credential) {
+ case CRED_PKGBASE_FLAG:
+ case CRED_PKGBASE_NOTIFY:
+ case CRED_PKGBASE_VOTE:
+ return ($atype == 'User' || $atype == 'Trusted User' ||
+ $atype == 'Developer');
+ case CRED_ACCOUNT_CHANGE_TYPE:
+ case CRED_ACCOUNT_EDIT:
+ case CRED_ACCOUNT_LAST_LOGIN:
+ case CRED_ACCOUNT_SEARCH:
+ case CRED_COMMENT_DELETE:
+ case CRED_PKGBASE_ADOPT:
+ case CRED_PKGBASE_CHANGE_CATEGORY:
+ case CRED_PKGBASE_DELETE:
+ case CRED_PKGBASE_DISOWN:
+ case CRED_PKGBASE_LIST_VOTERS:
+ case CRED_PKGBASE_SUBMIT_BLACKLISTED:
+ case CRED_PKGBASE_UNFLAG:
+ case CRED_PKGREQ_CLOSE:
+ case CRED_PKGREQ_LIST:
+ return ($atype == 'Trusted User' || $atype == 'Developer');
+ case CRED_TU_ADD_VOTE:
+ case CRED_TU_LIST_VOTES:
+ case CRED_TU_VOTE:
+ return ($atype == 'Trusted User');
+ case CRED_ACCOUNT_EDIT_DEV:
+ return ($atype == 'Developer');
+ }
+
+ return false;
+}
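Review bot: `in_array($uid, $approved_users)` uses loose comparison, so a whitelist entry of `null` (pkgbase_change_category passes `$row["MaintainerUID"]`, which is NULL for an orphaned package base) compares equal to `0`, `''` and `false`; whether uid_from_sid() can yield such a value for a stale session is not visible here, but this check is the first gate after the cookie test and grants the action without consulting the per-credential switch, so it should not depend on that. Use `if (in_array($uid, $approved_users, true))` and have callers pass ids of the same type uid_from_sid() returns, skipping NULL maintainers rather than listing them. The docblock's "peform" should read "perform", and it is worth adding a sentence there stating that a user listed in `$approved_users` is granted the action regardless of account type, since that is what callers rely on.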
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index b357dff..176b144 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -346,15 +346,14 @@ function pkgbase_maintainer_uid($base_id) {
* Flag package(s) as out-of-date
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
- * @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to flag/unflag
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_flag($atype, $base_ids) {
+function pkgbase_flag($base_ids) {
global $AUR_LOCATION;
- if (!$atype) {
+ if (!has_credential(CRED_PKGBASE_FLAG)) {
return array(false, __("You must be logged in before you can flag packages."));
}
@@ -404,13 +403,13 @@ function pkgbase_flag($atype, $base_ids) {
/**
* Unflag package(s) as out-of-date
*
- * @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to flag/unflag
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_unflag($atype, $base_ids) {
- if (!$atype) {
+function pkgbase_unflag($base_ids) {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+ if (!$uid) {
return array(false, __("You must be logged in before you can unflag packages."));
}
@@ -425,8 +424,8 @@ function pkgbase_unflag($atype, $base_ids) {
$q.= "OutOfDateTS = NULL ";
$q.= "WHERE ID IN (" . implode(",", $base_ids) . ") ";
- if ($atype != "Trusted User" && $atype != "Developer") {
- $q.= "AND MaintainerUID = " . uid_from_sid($_COOKIE["AURSID"]);
+ if (!has_credential(CRED_PKGBASE_UNFLAG)) {
+ $q.= "AND MaintainerUID = " . $uid;
}
$result = $dbh->exec($q);
@@ -439,19 +438,14 @@ function pkgbase_unflag($atype, $base_ids) {
/**
* Delete package bases
*
- * @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to delete
* @param int $merge_base_id Package base to merge the deleted ones into
* @param int $via Package request to close upon deletion
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_delete ($atype, $base_ids, $merge_base_id, $via) {
- if (!$atype) {
- return array(false, __("You must be logged in before you can delete packages."));
- }
-
- if ($atype != "Trusted User" && $atype != "Developer") {
+function pkgbase_delete ($base_ids, $merge_base_id, $via) {
+ if (!has_credential(CRED_PKGBASE_DELETE)) {
return array(false, __("You do not have permission to delete packages."));
}
@@ -552,15 +546,15 @@ function pkgbase_delete ($atype, $base_ids, $merge_base_id, $via) {
/**
* Adopt or disown packages
*
- * @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to adopt/disown
* @param bool $action Adopts if true, disowns if false. Adopts by default
* @param int $via Package request to close upon adoption
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_adopt ($atype, $base_ids, $action=true, $via) {
- if (!$atype) {
+function pkgbase_adopt ($base_ids, $action=true, $via) {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+ if (!$uid) {
if ($action) {
return array(false, __("You must be logged in before you can adopt packages."));
} else {
@@ -579,23 +573,21 @@ function pkgbase_adopt ($atype, $base_ids, $action=true, $via) {
$dbh = DB::connect();
- $field = "MaintainerUID";
$q = "UPDATE PackageBases ";
-
if ($action) {
- $user = uid_from_sid($_COOKIE["AURSID"]);
+ $q.= "SET MaintainerUID = $uid ";
} else {
- $user = 'NULL';
+ $q.= "SET MaintainerUID = NULL ";
}
-
- $q.= "SET $field = $user ";
$q.= "WHERE ID IN (" . implode(",", $base_ids) . ") ";
- if ($action && $atype == "User") {
+ if ($action && !has_credential(CRED_PKGBASE_ADOPT)) {
/* Regular users may only adopt orphan packages. */
- $q.= "AND $field IS NULL ";
- } else if ($atype == "User") {
- $q.= "AND $field = " . uid_from_sid($_COOKIE["AURSID"]);
+ $q.= "AND MaintainerUID IS NULL";
+ }
+ if (!$action && !has_credential(CRED_PKGBASE_DISOWN)) {
+ /* Regular users may only disown their own packages. */
+ $q.= "AND MaintainerUID = " . $uid;
}
$dbh->exec($q);
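Review bot: The adopt fragment `$q.= "AND MaintainerUID IS NULL";` drops the trailing space that every other fragment of this query keeps (compare the `SET MaintainerUID = $uid ` and `WHERE ID IN (...) ` pieces above); nothing is appended after it today, but the next clause added to this builder will be glued onto `NULL`. Keep the convention: `$q.= "AND MaintainerUID IS NULL ";`. Splitting the adopt and disown restrictions into two independent `if` blocks instead of the former if/else is fine since `$action` makes them mutually exclusive, though a one-line comment saying so would save the next reader from checking.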
@@ -615,14 +607,13 @@ function pkgbase_adopt ($atype, $base_ids, $action=true, $via) {
/**
* Vote and un-vote for packages
*
- * @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to vote/un-vote
* @param bool $action Votes if true, un-votes if false. Votes by default
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_vote ($atype, $base_ids, $action=true) {
- if (!$atype) {
+function pkgbase_vote ($base_ids, $action=true) {
+ if (!has_credential(CRED_PKGBASE_VOTE)) {
if ($action) {
return array(false, __("You must be logged in before you can vote for packages."));
} else {
@@ -767,13 +758,12 @@ function pkgbase_user_notify($uid, $base_id) {
/**
* Toggle notification of packages
*
- * @param string $atype Account type, output of account_from_sid
* @param array $base_ids Array of package base IDs to toggle
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_notify ($atype, $base_ids, $action=true) {
- if (!$atype) {
+function pkgbase_notify ($base_ids, $action=true) {
+ if (!has_credential(CRED_PKGBASE_NOTIFY)) {
return;
}
@@ -845,12 +835,11 @@ function pkgbase_notify ($atype, $base_ids, $action=true) {
/**
* Delete a package comment
*
- * @param string $atype Account type, output of account_from_sid
- *
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_delete_comment($atype) {
- if (!$atype) {
+function pkgbase_delete_comment() {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+ if (!$uid) {
return array(false, __("You must be logged in before you can edit package information."));
}
@@ -861,8 +850,7 @@ function pkgbase_delete_comment($atype) {
}
$dbh = DB::connect();
- $uid = uid_from_sid($_COOKIE["AURSID"]);
- if (can_delete_comment($comment_id, $atype, $uid)) {
+ if (can_delete_comment($comment_id)) {
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid." ";
$q.= "WHERE ID = ".intval($comment_id);
@@ -877,12 +865,12 @@ function pkgbase_delete_comment($atype) {
* Change package base category
*
* @param int Package base ID of the package base to modify
- * @param string $atype Account type, output of account_from_sid
*
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_change_category($base_id, $atype) {
- if (!$atype) {
+function pkgbase_change_category($base_id) {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+ if (!$uid) {
return array(false, __("You must be logged in before you can edit package information."));
}
@@ -906,21 +894,16 @@ function pkgbase_change_category($base_id, $atype) {
if ($result) {
$row = $result->fetch(PDO::FETCH_ASSOC);
}
- else {
- return array(false, __("You are not allowed to change this package category."));
- }
- $uid = uid_from_sid($_COOKIE["AURSID"]);
- if ($uid == $row["MaintainerUID"] ||
- ($atype == "Developer" || $atype == "Trusted User")) {
- $q = "UPDATE PackageBases ";
- $q.= "SET CategoryID = ".intval($category_id)." ";
- $q.= "WHERE ID = ".intval($base_id);
- $dbh->exec($q);
- return array(true, __("Package category changed."));
- } else {
+ if (!$result || !has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))) {
return array(false, __("You are not allowed to change this package category."));
}
+
+ $q = "UPDATE PackageBases ";
+ $q.= "SET CategoryID = ".intval($category_id)." ";
+ $q.= "WHERE ID = ".intval($base_id);
+ $dbh->exec($q);
+ return array(true, __("Package category changed."));
}
/**
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index a2b8a0d..29da97b 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -9,17 +9,15 @@ include_once("pkgbasefuncs.inc.php");
* comments. This function is used for the backend side of comment deletion.
*
* @param string $comment_id The comment ID in the database
- * @param string $atype The account type of the user trying to delete a comment
- * @param string|int $uid The user ID of the individual trying to delete a comment
*
* @return bool True if the user can delete the comment, otherwise false
*/
-function can_delete_comment($comment_id=0, $atype="", $uid=0) {
- if (!$uid) {
+function can_delete_comment($comment_id=0) {
+ if (!uid_from_sid($_COOKIE["AURSID"])) {
/* Unauthenticated users cannot delete anything. */
return false;
}
- if ($atype == "Trusted User" || $atype == "Developer") {
+ if (has_credential(CRED_COMMENT_DELETE)) {
/* TUs and developers can delete any comment. */
return true;
}
@@ -45,23 +43,11 @@ function can_delete_comment($comment_id=0, $atype="", $uid=0) {
* comments. This function is used for the frontend side of comment deletion.
*
* @param array $comment All database information relating a specific comment
- * @param string $atype The account type of the user trying to delete a comment
- * @param string|int $uid The user ID of the individual trying to delete a comment
*
* @return bool True if the user can delete the comment, otherwise false
*/
-function can_delete_comment_array($comment, $atype="", $uid=0) {
- if (!$uid) {
- /* Unauthenticated users cannot delete anything. */
- return false;
- } elseif ($atype == "Trusted User" || $atype == "Developer") {
- /* TUs and developers can delete any comment. */
- return true;
- } else if ($comment['UsersID'] == $uid) {
- /* Users can delete their own comments. */
- return true;
- }
- return false;
+function can_delete_comment_array($comment) {
+ return has_credential(CRED_COMMENT_DELETE, array($comment['UsersID']));
}
/**
@@ -70,18 +56,10 @@ function can_delete_comment_array($comment, $atype="", $uid=0) {
* Only Trusted Users and Developers can delete blacklisted packages. Packages
* are blacklisted if they are include in the official repositories.
*
- * @param string $atype The account type of the user
- *
* @return bool True if the user can submit blacklisted packages, otherwise false
*/
-function can_submit_blacklisted($atype = "") {
- if ($atype == "Trusted User" || $atype == "Developer") {
- /* Only TUs and developers can submit blacklisted packages. */
- return true;
- }
- else {
- return false;
- }
+function can_submit_blacklisted() {
+ return has_credential(CRED_PKGBASE_SUBMIT_BLACKLISTED);
}
/**
diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php
index 76780fe..09047eb 100644
--- a/web/lib/pkgreqfuncs.inc.php
+++ b/web/lib/pkgreqfuncs.inc.php
@@ -182,7 +182,7 @@ function pkgreq_close($id, $reason, $comments) {
$dbh = DB::connect();
$id = intval($id);
- if (!check_user_privileges()) {
+ if (!has_credential(CRED_PKGREQ_CLOSE)) {
return array(false, __("Only TUs and developers can close requests."));
}