[minilinux] implemented permission-system. you can't see the side without any permission. there are only 2 permissions: show the side and update content (which includes the show permission).

5 files changed, 59 insertions, 39 deletions

diff --git a/modules-available/minilinux/lang/de/permissions.json b/modules-available/minilinux/lang/de/permissions.json
new file mode 100644
index 00000000..372ffc88
--- /dev/null
+++ b/modules-available/minilinux/lang/de/permissions.json
@@ -0,0 +1,4 @@
+{
+	"show": "Zeige Komponenten des Minilinux. Wird nicht benötigt, wenn Nutzer eine der anderen Rechte hat.",
+	"update": "Aktualisieren von Komponenten des Minilinux."
+}
\ No newline at end of file
diff --git a/modules-available/minilinux/lang/en/permissions.json b/modules-available/minilinux/lang/en/permissions.json
new file mode 100644
index 00000000..878388b0
--- /dev/null
+++ b/modules-available/minilinux/lang/en/permissions.json
@@ -0,0 +1,4 @@
+{
+	"show": "Show list of minilinux components. Not needed if User has any of the other permissions.",
+	"update": "Update minilinux components."
+}
\ No newline at end of file
diff --git a/modules-available/minilinux/page.inc.php b/modules-available/minilinux/page.inc.php
index 2623500b..df4f14a3 100644
--- a/modules-available/minilinux/page.inc.php
+++ b/modules-available/minilinux/page.inc.php
@@ -7,7 +7,12 @@ class Page_MiniLinux extends Page
 	{
 		User::load();
 
-		if (!User::hasPermission('superadmin')) {
+		if (!User::isLoggedIn()) {
+			Message::addError('main.no-permission');
+			Util::redirect('?do=Main');
+		}
+
+		if (!(User::hasPermission("show") || User::hasPermission("update"))) {
 			Message::addError('main.no-permission');
 			Util::redirect('?do=Main');
 		}
@@ -81,48 +86,51 @@ class Page_MiniLinux extends Page
 				$system['version'] = $selected['version'];
 			}
 			$data['versions'] = array_values($versionNumbers);
+			$data['allowedToUpdate'] = User::hasPermission("update");
 			echo Render::parse('filelist', $data);
 			return;
 		case 'download':
-			$id = Request::post('id');
-			$name = Request::post('name');
-			if (!$id || !$name || strpos("$id$name", '/') !== false) {
-				echo "Invalid download request";
-				return;
-			}
-			$file = false;
-			$gpg = 'missing';
-			foreach ($data['systems'] as &$system) {
-				if ($system['id'] !== $id) continue;
-				foreach ($system['versions'] as &$version) {
-					if ($version['version'] != $selectedVersion) continue;
-					foreach ($version['files'] as &$f) {
-						if ($f['name'] !== $name) continue;
-						$file = $f;
-						if (!empty($f['gpg'])) $gpg = $f['gpg'];
-						break;
+			if (User::hasPermission("update")) {
+				$id = Request::post('id');
+				$name = Request::post('name');
+				if (!$id || !$name || strpos("$id$name", '/') !== false) {
+					echo "Invalid download request";
+					return;
+				}
+				$file = false;
+				$gpg = 'missing';
+				foreach ($data['systems'] as &$system) {
+					if ($system['id'] !== $id) continue;
+					foreach ($system['versions'] as &$version) {
+						if ($version['version'] != $selectedVersion) continue;
+						foreach ($version['files'] as &$f) {
+							if ($f['name'] !== $name) continue;
+							$file = $f;
+							if (!empty($f['gpg'])) $gpg = $f['gpg'];
+							break;
+						}
 					}
 				}
-			}
-			if ($file === false) {
-				echo "Nonexistent system/file: $id / $name";
-				return;
-			}
-			$task = Taskmanager::submit('DownloadFile', array(
-				'url' => CONFIG_REMOTE_ML . '/' . $id . '/' . $selectedVersion . '/' . $name,
-				'destination' => CONFIG_HTTP_DIR . '/' . $id . '/' . $name,
-				'gpg' => $gpg
-			));
-			if (!isset($task['id'])) {
-				echo 'Error launching download task: ' . $task['statusCode'];
+				if ($file === false) {
+					echo "Nonexistent system/file: $id / $name";
+					return;
+				}
+				$task = Taskmanager::submit('DownloadFile', array(
+					'url' => CONFIG_REMOTE_ML . '/' . $id . '/' . $selectedVersion . '/' . $name,
+					'destination' => CONFIG_HTTP_DIR . '/' . $id . '/' . $name,
+					'gpg' => $gpg
+				));
+				if (!isset($task['id'])) {
+					echo 'Error launching download task: ' . $task['statusCode'];
+					return;
+				}
+				Property::setDownloadTask($file['md5'], $task['id']);
+				echo Render::parse('download', array(
+					'name' => $name,
+					'task' => $task['id']
+				));
 				return;
 			}
-			Property::setDownloadTask($file['md5'], $task['id']);
-			echo Render::parse('download', array(
-				'name' => $name,
-				'task' => $task['id']
-			));
-			return;
 		}
 	}
 
diff --git a/modules-available/minilinux/permissions/permissions.json b/modules-available/minilinux/permissions/permissions.json
new file mode 100644
index 00000000..457d9810
--- /dev/null
+++ b/modules-available/minilinux/permissions/permissions.json
@@ -0,0 +1,4 @@
+[
+	"show",
+	"update"
+]
\ No newline at end of file
diff --git a/modules-available/minilinux/templates/filelist.html b/modules-available/minilinux/templates/filelist.html
index a1d0aa48..34138c14 100644
--- a/modules-available/minilinux/templates/filelist.html
+++ b/modules-available/minilinux/templates/filelist.html
@@ -18,7 +18,7 @@
 			<p>
 				{{lang_canUpdate1}} <b>{{title}}</b> {{lang_canUpdate2}}
 			</p>
-			<p><span class="btn btn-primary" onclick="slxUpdateAll(this, 'download-{{id}}')">{{lang_update}}</span></p>
+			<button {{^allowedToUpdate}}disabled{{/allowedToUpdate}} class="btn btn-primary" onclick="slxUpdateAll(this, 'download-{{id}}')"><span class="glyphicon glyphicon-refresh"></span> {{lang_update}}<span></span></button>
 			{{/systemChanged}}
 			{{^systemChanged}}
 			<p>{{lang_systemUpdated}}</p>
@@ -35,8 +35,8 @@
 							{{#fileChanged}}<span class="glyphicon glyphicon-exclamation-sign"></span> <b>{{lang_outdated}}</b>{{/fileChanged}}
 						</div>
 						<div class="col-xs-2">
-							{{#fileChanged}}<span class="btn btn-primary btn-xs update-button" onclick="slxUpdate('{{uid}}', '{{id}}', '{{name}}')">{{lang_update}}</span>{{/fileChanged}}
-							{{^fileChanged}}<span class="btn btn-default btn-xs" onclick="slxUpdate('{{uid}}', '{{id}}', '{{name}}')">{{lang_redownload}}</span>{{/fileChanged}}
+							{{#fileChanged}}<button {{^allowedToUpdate}}disabled{{/allowedToUpdate}} class="btn btn-primary btn-xs update-button" onclick="slxUpdate('{{uid}}', '{{id}}', '{{name}}')"><span class="glyphicon glyphicon-refresh"></span> {{lang_update}}</button> {{/fileChanged}}
+							{{^fileChanged}}<button {{^allowedToUpdate}}disabled{{/allowedToUpdate}} class="btn btn-default btn-xs" onclick="slxUpdate('{{uid}}', '{{id}}', '{{name}}')"><span class="glyphicon glyphicon-download-alt"></span> {{lang_redownload}}</button> {{/fileChanged}}
 						</div>
 					</div>
 					{{{download}}}