diff --git a/app/Filament/Resources/Torrent/TorrentResource.php b/app/Filament/Resources/Torrent/TorrentResource.php
index 9f2fa107..7af59e93 100644
--- a/app/Filament/Resources/Torrent/TorrentResource.php
+++ b/app/Filament/Resources/Torrent/TorrentResource.php
@@ -137,8 +137,7 @@ class TorrentResource extends Resource
private static function getBulkActions(): array
{
$actions = [];
- $userClass = Auth::user()->class;
- if ($userClass >= Setting::get('authority.torrentsticky')) {
+ if (user_can('torrentsticky')) {
$actions[] = Tables\Actions\BulkAction::make('posState')
->label(__('admin.resources.torrent.bulk_action_pos_state'))
->form([
@@ -160,7 +159,7 @@ class TorrentResource extends Resource
->deselectRecordsAfterCompletion();
}
- if ($userClass >= Setting::get('authority.torrentmanage')) {
+ if (user_can('torrentmanage')) {
$actions[] = Tables\Actions\BulkAction::make('remove_tag')
->label(__('admin.resources.torrent.bulk_action_remove_tag'))
->requiresConfirmation()
diff --git a/app/Http/Controllers/Controller.php b/app/Http/Controllers/Controller.php
index f6de71c1..894c494a 100644
--- a/app/Http/Controllers/Controller.php
+++ b/app/Http/Controllers/Controller.php
@@ -57,11 +57,4 @@ class Controller extends BaseController
return Str::slug("$title.$action", '.');
}
- protected function checkPermission($permission)
- {
- if (Auth::user()->class < Setting::get($permission)) {
- throw new InsufficientPermissionException();
- }
- }
-
}
diff --git a/app/Http/Controllers/TorrentController.php b/app/Http/Controllers/TorrentController.php
index 642b7893..013bb506 100644
--- a/app/Http/Controllers/TorrentController.php
+++ b/app/Http/Controllers/TorrentController.php
@@ -106,8 +106,8 @@ class TorrentController extends Controller
public function approvalPage(Request $request)
{
+ user_can('torrent-approval', true);
$request->validate(['torrent_id' => 'required']);
- $this->checkPermission('authority.torrentmanage');
$torrentId = $request->torrent_id;
$torrent = Torrent::query()->findOrFail($torrentId, Torrent::$commentFields);
$denyReasons = TorrentDenyReason::query()->orderBy('priority', 'desc')->get();
@@ -116,8 +116,8 @@ class TorrentController extends Controller
public function approvalLogs(Request $request)
{
+ user_can('torrent-approval', true);
$request->validate(['torrent_id' => 'required']);
- $this->checkPermission('authority.torrentmanage');
$torrentId = $request->torrent_id;
$actionTypes = [
TorrentOperationLog::ACTION_TYPE_APPROVAL_NONE,
@@ -138,11 +138,11 @@ class TorrentController extends Controller
public function approval(Request $request)
{
+ user_can('torrent-approval', true);
$request->validate([
'torrent_id' => 'required',
'approval_status' => 'required',
]);
- $this->checkPermission('authority.torrentmanage');
$params = $request->all();
$this->repository->approval(Auth::user(), $params);
return $this->success($params);
diff --git a/app/Repositories/TorrentRepository.php b/app/Repositories/TorrentRepository.php
index 0c83bcd0..62f5feba 100644
--- a/app/Repositories/TorrentRepository.php
+++ b/app/Repositories/TorrentRepository.php
@@ -434,9 +434,7 @@ class TorrentRepository extends BaseRepository
public function buildApprovalModal($user, $torrentId)
{
$user = $this->getUser($user);
- if ($user->class < Setting::get('authority.torrentmanage')) {
- throw new \RuntimeException("No permission !");
- }
+ user_can('torrent-approval', true);
$torrent = Torrent::query()->findOrFail($torrentId, ['id', 'approval_status', 'banned']);
$radios = [];
foreach (Torrent::$approvalStatus as $key => $value) {
@@ -479,9 +477,7 @@ class TorrentRepository extends BaseRepository
public function approval($user, array $params): array
{
$user = $this->getUser($user);
- if ($user->class < Setting::get('authority.torrentmanage')) {
- throw new InsufficientPermissionException();
- }
+ user_can('torrent-approval', true);
$torrent = Torrent::query()->findOrFail($params['torrent_id'], ['id', 'banned', 'approval_status', 'visible', 'owner']);
$lastLog = TorrentOperationLog::query()
->where('torrent_id', $params['torrent_id'])
@@ -578,9 +574,7 @@ class TorrentRepository extends BaseRepository
public function syncTags($id, array $tagIdArr = [])
{
- if (Auth::user()->class < Setting::get('authority.torrentmanage')) {
- throw new InsufficientPermissionException();
- }
+ user_can('torrentmanage', true);
$idArr = Arr::wrap($id);
return NexusDB::transaction(function () use ($idArr, $tagIdArr) {
$insert = [];
@@ -606,9 +600,7 @@ class TorrentRepository extends BaseRepository
public function setPosState($id, $posState): int
{
- if (Auth::user()->class < Setting::get('authority.torrentsticky')) {
- throw new InsufficientPermissionException();
- }
+ user_can('torrentsticky', true);
$idArr = Arr::wrap($id);
return Torrent::query()->whereIn('id', $idArr)->update(['pos_state' => $posState]);
}
diff --git a/include/globalfunctions.php b/include/globalfunctions.php
index baca7dcb..f323497e 100644
--- a/include/globalfunctions.php
+++ b/include/globalfunctions.php
@@ -922,11 +922,15 @@ function user_can($permission, $fail = false, $uid = 0): bool
$requireClass = get_setting("authority.$permission");
if (!is_bool($result)) {
$result = is_numeric($requireClass) && $requireClass >= 0 && $requireClass < $userInfo['class'];
- do_log("$log, requireClass: $requireClass, result: $result");
+ $log .= ", requireClass: $requireClass, result: $result";
+ } else {
+ $log .= ", get result: $result from filter nexus_user_can";
}
if (!$fail || $result) {
+ do_log($log);
return $result;
}
+ do_log("$log, [FAIL]");
if (IN_NEXUS && !IN_TRACKER) {
global $lang_functions;
if (isset(User::$classes[$requireClass])) {
@@ -935,5 +939,5 @@ function user_can($permission, $fail = false, $uid = 0): bool
stderr($lang_functions['std_error'], $lang_functions['std_permission_denied']);
}
}
- throw new \Illuminate\Auth\Access\AuthorizationException();
+ throw new \App\Exceptions\InsufficientPermissionException();
}
diff --git a/public/details.php b/public/details.php
index 8e779a19..f5569865 100644
--- a/public/details.php
+++ b/public/details.php
@@ -156,7 +156,7 @@ if (!$row) {
if (user_can('askreseed') && $row['seeders'] == 0) {
$actions[] = "![\"reseed\"](\"pic/trans.gif\")
".$lang_details['text_ask_for_reseed'] ."";
}
- if (user_can('torrentmanage') && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) {
+ if (user_can('torrent-approval') && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) {
$approvalIcon = '';
$actions[] = sprintf(
'%s %s',