From 6e5809586fa22a78b9c66130a62a411a594be715 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 6 Feb 2010 16:32:50 +0100 Subject: Move authorization for admin panels to AdminPanelAction class --- lib/adminpanelaction.php | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) (limited to 'lib') diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index f05627b31..536d97cdf 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -103,7 +103,7 @@ class AdminPanelAction extends Action $name = mb_substr($name, 0, -10); - if (!in_array($name, common_config('admin', 'panels'))) { + if (!self::canAdmin($name)) { $this->clientError(_('Changes to that panel are not allowed.'), 403); return false; } @@ -262,6 +262,17 @@ class AdminPanelAction extends Action return $result; } + + function canAdmin($name) + { + $isOK = false; + + if (Event::handle('AdminPanelCheck', array($name, &$isOK))) { + $isOK = in_array($name, common_config('admin', 'panels')); + } + + return $isOK; + } } /** @@ -307,32 +318,32 @@ class AdminPanelNav extends Widget if (Event::handle('StartAdminPanelNav', array($this))) { - if ($this->canAdmin('site')) { + if (AdminPanelAction::canAdmin('site')) { $this->out->menuItem(common_local_url('siteadminpanel'), _('Site'), _('Basic site configuration'), $action_name == 'siteadminpanel', 'nav_site_admin_panel'); } - if ($this->canAdmin('design')) { + if (AdminPanelAction::canAdmin('design')) { $this->out->menuItem(common_local_url('designadminpanel'), _('Design'), _('Design configuration'), $action_name == 'designadminpanel', 'nav_design_admin_panel'); } - if ($this->canAdmin('user')) { + if (AdminPanelAction::canAdmin('user')) { $this->out->menuItem(common_local_url('useradminpanel'), _('User'), _('User configuration'), $action_name == 'useradminpanel', 'nav_design_admin_panel'); } - if ($this->canAdmin('access')) { + if (AdminPanelAction::canAdmin('access')) { $this->out->menuItem(common_local_url('accessadminpanel'), _('Access'), _('Access configuration'), $action_name == 'accessadminpanel', 'nav_design_admin_panel'); } - if ($this->canAdmin('paths')) { + if (AdminPanelAction::canAdmin('paths')) { $this->out->menuItem(common_local_url('pathsadminpanel'), _('Paths'), _('Paths configuration'), $action_name == 'pathsadminpanel', 'nav_design_admin_panel'); } - if ($this->canAdmin('sessions')) { + if (AdminPanelAction::canAdmin('sessions')) { $this->out->menuItem(common_local_url('sessionsadminpanel'), _('Sessions'), _('Sessions configuration'), $action_name == 'sessionsadminpanel', 'nav_design_admin_panel'); } @@ -342,8 +353,4 @@ class AdminPanelNav extends Widget $this->action->elementEnd('ul'); } - function canAdmin($name) - { - return in_array($name, common_config('admin', 'panels')); - } } -- cgit v1.2.3-54-g00ecf From ea044722e015195c5422556ae279cac71b954ee8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 26 Feb 2010 12:28:58 -0500 Subject: 'on' is what checkboxes use for boolean true --- lib/action.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/action.php b/lib/action.php index cc4f4aad0..0a607b42d 100644 --- a/lib/action.php +++ b/lib/action.php @@ -974,7 +974,7 @@ class Action extends HTMLOutputter // lawsuit if (is_null($arg)) { return $def; - } else if (in_array($arg, array('true', 'yes', '1'))) { + } else if (in_array($arg, array('true', 'yes', '1', 'on'))) { return true; } else if (in_array($arg, array('false', 'no', '0'))) { return false; -- cgit v1.2.3-54-g00ecf