summaryrefslogtreecommitdiffstats
path: root/modules-available/sysconfig/page.inc.php
diff options
context:
space:
mode:
Diffstat (limited to 'modules-available/sysconfig/page.inc.php')
-rw-r--r--modules-available/sysconfig/page.inc.php44
1 files changed, 34 insertions, 10 deletions
diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php
index 30271514..515d432c 100644
--- a/modules-available/sysconfig/page.inc.php
+++ b/modules-available/sysconfig/page.inc.php
@@ -59,7 +59,7 @@ class Page_SysConfig extends Page
{
User::load();
- if (!User::hasPermission('superadmin')) {
+ if (!User::isLoggedIn()) {
Message::addError('main.no-permission');
Util::redirect('?do=Main');
}
@@ -90,6 +90,7 @@ class Page_SysConfig extends Page
// Action: "addmodule" (upload new module)
if ($action === 'addmodule') {
+ User::assertPermission('module.edit');
$this->initAddModule();
AddModule_Base::preprocess();
}
@@ -97,18 +98,22 @@ class Page_SysConfig extends Page
if ($action === 'module') {
// Action: "delmodule" (delete module)
if (Request::post('del', 'no') !== 'no') {
+ User::assertPermission('module.edit');
$this->delModule();
}
if (Request::post('download', 'no') !== 'no') {
+ User::assertPermission('module.download');
$this->downloadModule();
}
if (Request::post('rebuild', 'no') !== 'no') {
+ User::assertPermission('module.edit');
$this->rebuildModule();
}
}
// Action: "addconfig" (compose config from one or more modules)
if ($action === 'addconfig') {
+ User::assertPermission('config.edit');
$this->initAddConfig();
AddConfig_Base::preprocess();
}
@@ -116,14 +121,17 @@ class Page_SysConfig extends Page
if ($action === 'config') {
// Action: "delconfig" (delete config)
if (Request::post('del', 'no') !== 'no') {
+ User::assertPermission('config.edit');
$this->delConfig();
}
// Action "activate" (set sysconfig as active)
if (Request::post('activate', 'no') !== 'no') {
+ User::assertPermission('config.assign', $this->currentLoc);
$this->activateConfig();
}
// Action "rebuild" (rebuild config.tgz from its modules)
if (Request::post('rebuild', 'no') !== 'no') {
+ User::assertPermission('config.edit');
$this->rebuildConfig();
}
}
@@ -141,15 +149,24 @@ class Page_SysConfig extends Page
$action = Request::any('action', 'list');
switch ($action) {
case 'addmodule':
+ User::assertPermission('module.edit');
AddModule_Base::render();
return;
case 'addconfig':
+ User::assertPermission('config.edit');
AddConfig_Base::render();
return;
case 'list':
+ $pMods = User::hasPermission('module.view-list');
+ $pConfs = User::hasPermission('config.view-list');
+ if (!($pMods || $pConfs)) {
+ User::assertPermission('config.view-list');
+ }
Render::openTag('div', array('class' => 'row'));
- $this->listConfigs();
- if ($this->currentLoc === 0) {
+ if ($pConfs) {
+ $this->listConfigs();
+ }
+ if ($this->currentLoc === 0 && $pMods) {
$this->listModules();
}
Render::closeTag('div');
@@ -159,6 +176,7 @@ class Page_SysConfig extends Page
Render::addTemplate('js'); // Make this js snippet a template so i18n works
return;
case 'module':
+ User::assertPermission('module.view-list');
$listid = Request::post('list');
if ($listid !== false) {
$this->listModuleContents($listid);
@@ -166,6 +184,7 @@ class Page_SysConfig extends Page
}
break;
case 'config':
+ User::assertPermission('config.view-list');
$listid = Request::post('list');
if ($listid !== false) {
$this->listConfigContents($listid);
@@ -238,13 +257,16 @@ class Page_SysConfig extends Page
'needrebuild' => ($row['status'] !== 'OK')
);
}
- Render::addTemplate('list-configs', array(
+ $data = array(
'locationid' => $this->currentLoc,
'locationname' => $locationName,
'havelocations' => Module::isAvailable('locations'),
'configs' => $configs,
'inheritConfig' => !$hasDefault,
- ));
+ );
+ Permission::addGlobalTags($data['perms'], null, ['config.edit']);
+ Permission::addGlobalTags($data['perms'], $this->currentLoc, ['config.assign']);
+ Render::addTemplate('list-configs', $data);
}
private function listModules()
@@ -254,10 +276,12 @@ class Page_SysConfig extends Page
$types = array_map(function ($mod) { return $mod->moduleType(); }, $modules);
$titles = array_map(function ($mod) { return $mod->title(); }, $modules);
array_multisort($types, SORT_ASC, $titles, SORT_ASC, $modules);
- Render::addTemplate('list-modules', array(
+ $data = array(
'modules' => $modules,
'havemodules' => (count($modules) > 0)
- ));
+ );
+ Permission::addGlobalTags($data['perms'], null, ['module.edit', 'module.download']);
+ Render::addTemplate('list-modules', $data);
}
private function listModuleContents($moduleid)
@@ -401,12 +425,12 @@ class Page_SysConfig extends Page
$task = Taskmanager::submit('DeleteFile', array(
'file' => $row['filepath']
));
- if (isset($task['statusCode']) && $task['statusCode'] === TASK_WAITING) {
+ if (isset($task['statusCode']) && $task['statusCode'] === Taskmanager::TASK_WAITING) {
$task = Taskmanager::waitComplete($task['id']);
}
- if (!isset($task['statusCode']) || $task['statusCode'] === TASK_ERROR) {
+ if (!isset($task['statusCode']) || $task['statusCode'] === Taskmanager::TASK_ERROR) {
Message::addWarning('main.task-error', $task['data']['error']);
- } elseif ($task['statusCode'] === TASK_FINISHED) {
+ } elseif ($task['statusCode'] === Taskmanager::TASK_FINISHED) {
Message::addSuccess('module-deleted', $row['title']);
}
Database::exec("DELETE FROM configtgz_module WHERE moduleid = :moduleid LIMIT 1", array('moduleid' => $moduleid));
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-04-20 09:00:08 +0200