From f8778f213cb9f916fa56279c9e1cf6deb067b35c Mon Sep 17 00:00:00 2001
From: Christian Hofmaier
Date: Fri, 27 Oct 2017 16:49:13 +0200
Subject: [dozmod] implemented new permission system to module for: deleting expired vm versions, sending testmails and saving mailconfig, resetting templates or saving them, saving runtimeconfig, giving users rights (when no permission, it will show another animation). Also fixed a design issue (dialog instead of modal).
---
 modules-available/dozmod/page.inc.php | 44 ++++++++++++++++++++++++++---------
 1 file changed, 33 insertions(+), 11 deletions(-)
(limited to 'modules-available/dozmod/page.inc.php')
diff --git a/modules-available/dozmod/page.inc.php b/modules-available/dozmod/page.inc.php
index 24ad00d8..19c05555 100644
--- a/modules-available/dozmod/page.inc.php
+++ b/modules-available/dozmod/page.inc.php
@@ -27,7 +27,7 @@ class Page_DozMod extends Page
 {
 User::load();
- if (!User::hasPermission('superadmin')) {
+ if (!User::isLoggedIn()) {
 Message::addError('main.no-permission');
 Util::redirect('?do=Main');
 }
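Review bot: Replacing the `superadmin` gate with `User::isLoggedIn()` turns this check from authorization into authentication only, so every code path after it now has to enforce its own permission. The action dispatch further down gets such checks in this commit, but the code between this check and the dispatch is outside the hunk, so whether any sub-page handling there is covered cannot be confirmed from here. I would document the new contract above the check, e.g. `// Rejects anonymous users only; each action and sub-page must check its own permission.`, and verify that every sub-page does so. The enclosing function starts and ends outside the hunk.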
@@ -50,15 +50,30 @@ class Page_DozMod extends Page
 $action = Request::post('action', false, 'string');
 if ($action === 'mail') {
- $this->mailHandler();
+ if (User::hasPermission("mail.save")) {
+ $this->mailHandler();
+ } else {
+ Message::addError('main.no-permission');
+ Util::redirect('?do=dozmod§ion=mailconfig');
+ }
 } elseif ($action === 'runtime') {
- $this->runtimeHandler();
+ if (User::hasPermission("runtimeconfig.save")) {
+ $this->runtimeHandler();
+ } else {
+ Message::addError('main.no-permission');
+ Util::redirect('?do=dozmod§ion=runtimeconfig');
+ }
 } elseif ($action === 'delimages') {
- $result = $this->handleDeleteImages();
- if (!empty($result)) {
- Message::addInfo('delete-images', $result);
+ if (User::hasPermission("images.delete")) {
+ $result = $this->handleDeleteImages();
+ if (!empty($result)) {
+ Message::addInfo('delete-images', $result);
+ }
+ Util::redirect('?do=DozMod');
+ } else {
+ Message::addError('main.no-permission');
+ Util::redirect('?do=dozmod');
 }
- Util::redirect('?do=DozMod');
 } elseif ($action !== false) {
 Util::traceError('Invalid action: ' . $action);
 }
@@ -204,8 +219,6 @@ class Page_DozMod extends Page
 protected function doAjax()
 {
 User::load();
- if (!User::hasPermission('superadmin'))
- return;
 $this->setupSubPage();
 if ($this->subPage !== false) {
@@ -214,10 +227,19 @@ class Page_DozMod extends Page
 }
 $action = Request::post('action');
+
 if ($action === 'mail') {
- $this->handleTestMail();
+ if (User::hasPermission("mail.testmail")) {
+ $this->handleTestMail();
+ } else {
+ die('No permission');
+ }
 } elseif ($action === 'delimages') {
- die($this->handleDeleteImages());
+ if (User::hasPermission("images.delete")) {
+ die($this->handleDeleteImages());
+ } else {
+ die('No permission');
+ }
 } elseif ($action === 'getblockinfo') {
 $this->ajaxGetBlockInfo();
 }
--
cgit v1.2.3-55-g7522
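Review bot: The permission check is copied into each branch of the action chain, so an action added later runs unchecked unless its author remembers to repeat the pattern. Mapping each action to the permission it requires and checking once before the dispatch makes denial the default and removes the three duplicated else branches. The sketch below sends every denial to `?do=dozmod`; the per-section redirect targets used in the hunk can be kept as a second field in the table. It assumes `Util::redirect()` ends the request, which the login check in the first hunk also appears to rely on. The enclosing function starts and ends outside the hunk.

```php
$action = Request::post('action', false, 'string');
// Deny by default: every known action names the permission it requires.
$required = [
	'mail' => 'mail.save',
	'runtime' => 'runtimeconfig.save',
	'delimages' => 'images.delete',
];
if ($action !== false) {
	if (!isset($required[$action])) {
		Util::traceError('Invalid action: ' . $action);
	} elseif (!User::hasPermission($required[$action])) {
		Message::addError('main.no-permission');
		Util::redirect('?do=dozmod');
	}
}
// … dispatch on $action as before this commit, without the per-branch checks …
```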
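Review bot: doAjax() loses its only gate here and, unlike the page handler in the first hunk, gets no `User::isLoggedIn()` check in its place. In the last hunk only `mail` and `delimages` gain permission checks, so the `getblockinfo` branch calls `$this->ajaxGetBlockInfo()` with no check visible, and the sub-page branch is reachable the same way unless the sub-page enforces permissions itself. I would keep a baseline check right after `User::load();`, e.g. `if (!User::isLoggedIn()) die('No permission');`, and give `getblockinfo` a permission of its own. ajaxGetBlockInfo() and the sub-page code are outside the diff, so an internal check there cannot be ruled out.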
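Review bot: The denial branches answer with `die('No permission')`, which goes out with PHP's default 200 status, and for `delimages` the success path also ends in `die()` with a result string, so a client cannot tell refusal from success without parsing the text. Setting the status first, `http_response_code(403);` before each `die('No permission');`, lets the calling script and any later log review separate the two. Within the hunk, an action that matches none of the branches also falls through without an error, unlike the `Util::traceError()` call in the page handler; the function continues outside the hunk, so this may be handled further down.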