admin page checks for right to review flags

2009-12-27 11:04:53 -08:00 · 2009-12-27 11:04:53 -08:00 · 5d6b6bfd34
commit 5d6b6bfd34
parent 1a462b04d7
2 changed files with 54 additions and 1 deletions
--- a/plugins/UserFlag/UserFlagPlugin.php
+++ b/plugins/UserFlag/UserFlagPlugin.php
@ -43,6 +43,8 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {

 class UserFlagPlugin extends Plugin
 {
+    const REVIEWFLAGS = 'UserFlagPlugin::reviewflags';
+
    function onCheckSchema()
    {
        $schema = Schema::get();
@ -138,7 +140,7 @@ class UserFlagPlugin extends Plugin

    function onEndShowStatusNetStyles($action)
    {
-        $action->cssLink(common_path('plugins/UserFlag/userflag.css'), 
+        $action->cssLink(common_path('plugins/UserFlag/userflag.css'),
                         null, 'screen, projection, tv');
        return true;
    }
@ -148,4 +150,12 @@ class UserFlagPlugin extends Plugin
        $action->inlineScript('if ($(".form_entity_flag").length > 0) { SN.U.FormXHR($(".form_entity_flag")); }');
        return true;
    }
+
+    function onUserRightsCheck($user, $right, &$result) {
+        if ($right == self::REVIEWFLAGS) {
+            $result = $user->hasRole('moderator');
+            return false; // done processing!
+        }
+        return true; // unchanged!
+    }
 }
--- a/plugins/UserFlag/adminprofileflag.php
+++ b/plugins/UserFlag/adminprofileflag.php
@ -43,6 +43,8 @@ if (!defined('STATUSNET')) {

 class AdminprofileflagAction extends Action
 {
+    var $page = null;
+
    /**
     * Take arguments for running
     *
@ -55,6 +57,47 @@ class AdminprofileflagAction extends Action
    {
        parent::prepare($args);

+        $user = common_current_user();
+
+        // User must be logged in.
+
+        if (!common_logged_in()) {
+            $this->clientError(_('Not logged in.'));
+            return;
+        }
+
+        $user = common_current_user();
+
+        // ...because they're logged in
+
+        assert(!empty($user));
+
+        // It must be a "real" login, not saved cookie login
+
+        if (!common_is_real_login()) {
+            // Cookie theft is too easy; we require automatic
+            // logins to re-authenticate before admining the site
+            common_set_returnto($this->selfUrl());
+            if (Event::handle('RedirectToLogin', array($this, $user))) {
+                common_redirect(common_local_url('login'), 303);
+            }
+        }
+
+        // User must have the right to review flags
+
+        if (!$user->hasRight(UserFlagPlugin::REVIEWFLAGS)) {
+            $this->clientError(_('You cannot review profile flags.'));
+            return false;
+        }
+
+        $page = $this->int('page');
+
+        if (empty($page)) {
+            $this->page = 1;
+        } else {
+            $this->page = $page;
+        }
+
        return true;
    }