summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEvan Prodromou <evan@status.net>2010-01-08 01:00:29 -0800
committerEvan Prodromou <evan@status.net>2010-01-08 01:00:29 -0800
commit2aa0ab9777a1b2a0eec5946dede56e23daa0defe (patch)
tree2820e6033be731c4707a3fed6e317415fbe6a356
parent4f62d685d04d43332e069c6de393ceb187594a02 (diff)
let system administrators disallow certain admin panels
-rw-r--r--lib/adminpanelaction.php46
-rw-r--r--lib/default.php4
2 files changed, 38 insertions, 12 deletions
diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php
index 7997eb2b1..a6981ac61 100644
--- a/lib/adminpanelaction.php
+++ b/lib/adminpanelaction.php
@@ -70,7 +70,7 @@ class AdminPanelAction extends Action
if (!common_logged_in()) {
$this->clientError(_('Not logged in.'));
- return;
+ return false;
}
$user = common_current_user();
@@ -94,7 +94,18 @@ class AdminPanelAction extends Action
if (!$user->hasRight(Right::CONFIGURESITE)) {
$this->clientError(_('You cannot make changes to this site.'));
- return;
+ return false;
+ }
+
+ // This panel must be enabled
+
+ $name = $this->trimmed('action');
+
+ $name = mb_substr($name, 0, -10);
+
+ if (!in_array($name, common_config('admin', 'panels'))) {
+ $this->clientError(_('Changes to that panel are not allowed.'), 403);
+ return false;
}
return true;
@@ -224,7 +235,7 @@ class AdminPanelAction extends Action
$this->clientError(_('saveSettings() not implemented.'));
return;
}
-
+
/**
* Delete a design setting
*
@@ -296,20 +307,33 @@ class AdminPanelNav extends Widget
if (Event::handle('StartAdminPanelNav', array($this))) {
- $this->out->menuItem(common_local_url('siteadminpanel'), _('Site'),
- _('Basic site configuration'), $action_name == 'siteadminpanel', 'nav_site_admin_panel');
+ if ($this->canAdmin('site')) {
+ $this->out->menuItem(common_local_url('siteadminpanel'), _('Site'),
+ _('Basic site configuration'), $action_name == 'siteadminpanel', 'nav_site_admin_panel');
+ }
- $this->out->menuItem(common_local_url('designadminpanel'), _('Design'),
- _('Design configuration'), $action_name == 'designadminpanel', 'nav_design_admin_panel');
+ if ($this->canAdmin('design')) {
+ $this->out->menuItem(common_local_url('designadminpanel'), _('Design'),
+ _('Design configuration'), $action_name == 'designadminpanel', 'nav_design_admin_panel');
+ }
- $this->out->menuItem(common_local_url('useradminpanel'), _('User'),
- _('Paths configuration'), $action_name == 'useradminpanel', 'nav_design_admin_panel');
+ if ($this->canAdmin('user')) {
+ $this->out->menuItem(common_local_url('useradminpanel'), _('User'),
+ _('Paths configuration'), $action_name == 'useradminpanel', 'nav_design_admin_panel');
+ }
- $this->out->menuItem(common_local_url('pathsadminpanel'), _('Paths'),
- _('Paths configuration'), $action_name == 'pathsadminpanel', 'nav_design_admin_panel');
+ if ($this->canAdmin('paths')) {
+ $this->out->menuItem(common_local_url('pathsadminpanel'), _('Paths'),
+ _('Paths configuration'), $action_name == 'pathsadminpanel', 'nav_design_admin_panel');
+ }
Event::handle('EndAdminPanelNav', array($this));
}
$this->action->elementEnd('ul');
}
+
+ function canAdmin($name)
+ {
+ return in_array($name, common_config('admin', 'panels'));
+ }
}
diff --git a/lib/default.php b/lib/default.php
index a52c05b53..fa862f3ff 100644
--- a/lib/default.php
+++ b/lib/default.php
@@ -246,5 +246,7 @@ $default =
'Linkback' => null,
'WikiHashtags' => null,
'OpenID' => null),
- )
+ ),
+ 'admin' =>
+ array('panels' => array('design', 'site', 'user', 'paths')),
);