From 3ddf56c399746efe3c56194b7be522a92caefb59 Mon Sep 17 00:00:00 2001 From: Christian Hofmaier Date: Tue, 16 Jan 2018 17:50:22 +0100 Subject: [minilinux] implemented permission-system. you can't see the side without any permission. there are only 2 permissions: show the side and update content (which includes the show permission). --- .../minilinux/lang/de/permissions.json | 4 ++ .../minilinux/lang/en/permissions.json | 4 ++ modules-available/minilinux/page.inc.php | 80 ++++++++++++---------- .../minilinux/permissions/permissions.json | 4 ++ .../minilinux/templates/filelist.html | 6 +- 5 files changed, 59 insertions(+), 39 deletions(-) create mode 100644 modules-available/minilinux/lang/de/permissions.json create mode 100644 modules-available/minilinux/lang/en/permissions.json create mode 100644 modules-available/minilinux/permissions/permissions.json diff --git a/modules-available/minilinux/lang/de/permissions.json b/modules-available/minilinux/lang/de/permissions.json new file mode 100644 index 00000000..372ffc88 --- /dev/null +++ b/modules-available/minilinux/lang/de/permissions.json @@ -0,0 +1,4 @@ +{ + "show": "Zeige Komponenten des Minilinux. Wird nicht benötigt, wenn Nutzer eine der anderen Rechte hat.", + "update": "Aktualisieren von Komponenten des Minilinux." +} \ No newline at end of file diff --git a/modules-available/minilinux/lang/en/permissions.json b/modules-available/minilinux/lang/en/permissions.json new file mode 100644 index 00000000..878388b0 --- /dev/null +++ b/modules-available/minilinux/lang/en/permissions.json @@ -0,0 +1,4 @@ +{ + "show": "Show list of minilinux components. Not needed if User has any of the other permissions.", + "update": "Update minilinux components." +} \ No newline at end of file diff --git a/modules-available/minilinux/page.inc.php b/modules-available/minilinux/page.inc.php index 2623500b..df4f14a3 100644 --- a/modules-available/minilinux/page.inc.php +++ b/modules-available/minilinux/page.inc.php @@ -7,7 +7,12 @@ class Page_MiniLinux extends Page { User::load(); - if (!User::hasPermission('superadmin')) { + if (!User::isLoggedIn()) { + Message::addError('main.no-permission'); + Util::redirect('?do=Main'); + } + + if (!(User::hasPermission("show") || User::hasPermission("update"))) { Message::addError('main.no-permission'); Util::redirect('?do=Main'); } @@ -81,48 +86,51 @@ class Page_MiniLinux extends Page $system['version'] = $selected['version']; } $data['versions'] = array_values($versionNumbers); + $data['allowedToUpdate'] = User::hasPermission("update"); echo Render::parse('filelist', $data); return; case 'download': - $id = Request::post('id'); - $name = Request::post('name'); - if (!$id || !$name || strpos("$id$name", '/') !== false) { - echo "Invalid download request"; - return; - } - $file = false; - $gpg = 'missing'; - foreach ($data['systems'] as &$system) { - if ($system['id'] !== $id) continue; - foreach ($system['versions'] as &$version) { - if ($version['version'] != $selectedVersion) continue; - foreach ($version['files'] as &$f) { - if ($f['name'] !== $name) continue; - $file = $f; - if (!empty($f['gpg'])) $gpg = $f['gpg']; - break; + if (User::hasPermission("update")) { + $id = Request::post('id'); + $name = Request::post('name'); + if (!$id || !$name || strpos("$id$name", '/') !== false) { + echo "Invalid download request"; + return; + } + $file = false; + $gpg = 'missing'; + foreach ($data['systems'] as &$system) { + if ($system['id'] !== $id) continue; + foreach ($system['versions'] as &$version) { + if ($version['version'] != $selectedVersion) continue; + foreach ($version['files'] as &$f) { + if ($f['name'] !== $name) continue; + $file = $f; + if (!empty($f['gpg'])) $gpg = $f['gpg']; + break; + } } } - } - if ($file === false) { - echo "Nonexistent system/file: $id / $name"; - return; - } - $task = Taskmanager::submit('DownloadFile', array( - 'url' => CONFIG_REMOTE_ML . '/' . $id . '/' . $selectedVersion . '/' . $name, - 'destination' => CONFIG_HTTP_DIR . '/' . $id . '/' . $name, - 'gpg' => $gpg - )); - if (!isset($task['id'])) { - echo 'Error launching download task: ' . $task['statusCode']; + if ($file === false) { + echo "Nonexistent system/file: $id / $name"; + return; + } + $task = Taskmanager::submit('DownloadFile', array( + 'url' => CONFIG_REMOTE_ML . '/' . $id . '/' . $selectedVersion . '/' . $name, + 'destination' => CONFIG_HTTP_DIR . '/' . $id . '/' . $name, + 'gpg' => $gpg + )); + if (!isset($task['id'])) { + echo 'Error launching download task: ' . $task['statusCode']; + return; + } + Property::setDownloadTask($file['md5'], $task['id']); + echo Render::parse('download', array( + 'name' => $name, + 'task' => $task['id'] + )); return; } - Property::setDownloadTask($file['md5'], $task['id']); - echo Render::parse('download', array( - 'name' => $name, - 'task' => $task['id'] - )); - return; } } diff --git a/modules-available/minilinux/permissions/permissions.json b/modules-available/minilinux/permissions/permissions.json new file mode 100644 index 00000000..457d9810 --- /dev/null +++ b/modules-available/minilinux/permissions/permissions.json @@ -0,0 +1,4 @@ +[ + "show", + "update" +] \ No newline at end of file diff --git a/modules-available/minilinux/templates/filelist.html b/modules-available/minilinux/templates/filelist.html index a1d0aa48..34138c14 100644 --- a/modules-available/minilinux/templates/filelist.html +++ b/modules-available/minilinux/templates/filelist.html @@ -18,7 +18,7 @@

{{lang_canUpdate1}} {{title}} {{lang_canUpdate2}}

-

{{lang_update}}

+ {{/systemChanged}} {{^systemChanged}}

{{lang_systemUpdated}}

@@ -35,8 +35,8 @@ {{#fileChanged}} {{lang_outdated}}{{/fileChanged}}
- {{#fileChanged}}{{lang_update}}{{/fileChanged}} - {{^fileChanged}}{{lang_redownload}}{{/fileChanged}} + {{#fileChanged}} {{/fileChanged}} + {{^fileChanged}} {{/fileChanged}}
{{{download}}} -- cgit v1.2.3-55-g7522