mirror of
https://github.com/lkddi/nexusphp.git
synced 2026-04-24 20:17:24 +08:00
use permission torrent-approval
This commit is contained in:
xiaomlove
@@ -137,8 +137,7 @@ class TorrentResource extends Resource
|
|||||||
private static function getBulkActions(): array
|
private static function getBulkActions(): array
|
||||||
{
|
{
|
||||||
$actions = [];
|
$actions = [];
|
||||||
$userClass = Auth::user()->class;
|
if (user_can('torrentsticky')) {
|
||||||
if ($userClass >= Setting::get('authority.torrentsticky')) {
|
|
||||||
$actions[] = Tables\Actions\BulkAction::make('posState')
|
$actions[] = Tables\Actions\BulkAction::make('posState')
|
||||||
->label(__('admin.resources.torrent.bulk_action_pos_state'))
|
->label(__('admin.resources.torrent.bulk_action_pos_state'))
|
||||||
->form([
|
->form([
|
||||||
@@ -160,7 +159,7 @@ class TorrentResource extends Resource
|
|||||||
->deselectRecordsAfterCompletion();
|
->deselectRecordsAfterCompletion();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($userClass >= Setting::get('authority.torrentmanage')) {
|
if (user_can('torrentmanage')) {
|
||||||
$actions[] = Tables\Actions\BulkAction::make('remove_tag')
|
$actions[] = Tables\Actions\BulkAction::make('remove_tag')
|
||||||
->label(__('admin.resources.torrent.bulk_action_remove_tag'))
|
->label(__('admin.resources.torrent.bulk_action_remove_tag'))
|
||||||
->requiresConfirmation()
|
->requiresConfirmation()
|
||||||
|
|||||||
@@ -57,11 +57,4 @@ class Controller extends BaseController
|
|||||||
return Str::slug("$title.$action", '.');
|
return Str::slug("$title.$action", '.');
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function checkPermission($permission)
|
|
||||||
{
|
|
||||||
if (Auth::user()->class < Setting::get($permission)) {
|
|
||||||
throw new InsufficientPermissionException();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -106,8 +106,8 @@ class TorrentController extends Controller
|
|||||||
|
|
||||||
public function approvalPage(Request $request)
|
public function approvalPage(Request $request)
|
||||||
{
|
{
|
||||||
|
user_can('torrent-approval', true);
|
||||||
$request->validate(['torrent_id' => 'required']);
|
$request->validate(['torrent_id' => 'required']);
|
||||||
$this->checkPermission('authority.torrentmanage');
|
|
||||||
$torrentId = $request->torrent_id;
|
$torrentId = $request->torrent_id;
|
||||||
$torrent = Torrent::query()->findOrFail($torrentId, Torrent::$commentFields);
|
$torrent = Torrent::query()->findOrFail($torrentId, Torrent::$commentFields);
|
||||||
$denyReasons = TorrentDenyReason::query()->orderBy('priority', 'desc')->get();
|
$denyReasons = TorrentDenyReason::query()->orderBy('priority', 'desc')->get();
|
||||||
@@ -116,8 +116,8 @@ class TorrentController extends Controller
|
|||||||
|
|
||||||
public function approvalLogs(Request $request)
|
public function approvalLogs(Request $request)
|
||||||
{
|
{
|
||||||
|
user_can('torrent-approval', true);
|
||||||
$request->validate(['torrent_id' => 'required']);
|
$request->validate(['torrent_id' => 'required']);
|
||||||
$this->checkPermission('authority.torrentmanage');
|
|
||||||
$torrentId = $request->torrent_id;
|
$torrentId = $request->torrent_id;
|
||||||
$actionTypes = [
|
$actionTypes = [
|
||||||
TorrentOperationLog::ACTION_TYPE_APPROVAL_NONE,
|
TorrentOperationLog::ACTION_TYPE_APPROVAL_NONE,
|
||||||
@@ -138,11 +138,11 @@ class TorrentController extends Controller
|
|||||||
|
|
||||||
public function approval(Request $request)
|
public function approval(Request $request)
|
||||||
{
|
{
|
||||||
|
user_can('torrent-approval', true);
|
||||||
$request->validate([
|
$request->validate([
|
||||||
'torrent_id' => 'required',
|
'torrent_id' => 'required',
|
||||||
'approval_status' => 'required',
|
'approval_status' => 'required',
|
||||||
]);
|
]);
|
||||||
$this->checkPermission('authority.torrentmanage');
|
|
||||||
$params = $request->all();
|
$params = $request->all();
|
||||||
$this->repository->approval(Auth::user(), $params);
|
$this->repository->approval(Auth::user(), $params);
|
||||||
return $this->success($params);
|
return $this->success($params);
|
||||||
|
|||||||
@@ -434,9 +434,7 @@ class TorrentRepository extends BaseRepository
|
|||||||
public function buildApprovalModal($user, $torrentId)
|
public function buildApprovalModal($user, $torrentId)
|
||||||
{
|
{
|
||||||
$user = $this->getUser($user);
|
$user = $this->getUser($user);
|
||||||
if ($user->class < Setting::get('authority.torrentmanage')) {
|
user_can('torrent-approval', true);
|
||||||
throw new \RuntimeException("No permission !");
|
|
||||||
}
|
|
||||||
$torrent = Torrent::query()->findOrFail($torrentId, ['id', 'approval_status', 'banned']);
|
$torrent = Torrent::query()->findOrFail($torrentId, ['id', 'approval_status', 'banned']);
|
||||||
$radios = [];
|
$radios = [];
|
||||||
foreach (Torrent::$approvalStatus as $key => $value) {
|
foreach (Torrent::$approvalStatus as $key => $value) {
|
||||||
@@ -479,9 +477,7 @@ class TorrentRepository extends BaseRepository
|
|||||||
public function approval($user, array $params): array
|
public function approval($user, array $params): array
|
||||||
{
|
{
|
||||||
$user = $this->getUser($user);
|
$user = $this->getUser($user);
|
||||||
if ($user->class < Setting::get('authority.torrentmanage')) {
|
user_can('torrent-approval', true);
|
||||||
throw new InsufficientPermissionException();
|
|
||||||
}
|
|
||||||
$torrent = Torrent::query()->findOrFail($params['torrent_id'], ['id', 'banned', 'approval_status', 'visible', 'owner']);
|
$torrent = Torrent::query()->findOrFail($params['torrent_id'], ['id', 'banned', 'approval_status', 'visible', 'owner']);
|
||||||
$lastLog = TorrentOperationLog::query()
|
$lastLog = TorrentOperationLog::query()
|
||||||
->where('torrent_id', $params['torrent_id'])
|
->where('torrent_id', $params['torrent_id'])
|
||||||
@@ -578,9 +574,7 @@ class TorrentRepository extends BaseRepository
|
|||||||
|
|
||||||
public function syncTags($id, array $tagIdArr = [])
|
public function syncTags($id, array $tagIdArr = [])
|
||||||
{
|
{
|
||||||
if (Auth::user()->class < Setting::get('authority.torrentmanage')) {
|
user_can('torrentmanage', true);
|
||||||
throw new InsufficientPermissionException();
|
|
||||||
}
|
|
||||||
$idArr = Arr::wrap($id);
|
$idArr = Arr::wrap($id);
|
||||||
return NexusDB::transaction(function () use ($idArr, $tagIdArr) {
|
return NexusDB::transaction(function () use ($idArr, $tagIdArr) {
|
||||||
$insert = [];
|
$insert = [];
|
||||||
@@ -606,9 +600,7 @@ class TorrentRepository extends BaseRepository
|
|||||||
|
|
||||||
public function setPosState($id, $posState): int
|
public function setPosState($id, $posState): int
|
||||||
{
|
{
|
||||||
if (Auth::user()->class < Setting::get('authority.torrentsticky')) {
|
user_can('torrentsticky', true);
|
||||||
throw new InsufficientPermissionException();
|
|
||||||
}
|
|
||||||
$idArr = Arr::wrap($id);
|
$idArr = Arr::wrap($id);
|
||||||
return Torrent::query()->whereIn('id', $idArr)->update(['pos_state' => $posState]);
|
return Torrent::query()->whereIn('id', $idArr)->update(['pos_state' => $posState]);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -922,11 +922,15 @@ function user_can($permission, $fail = false, $uid = 0): bool
|
|||||||
$requireClass = get_setting("authority.$permission");
|
$requireClass = get_setting("authority.$permission");
|
||||||
if (!is_bool($result)) {
|
if (!is_bool($result)) {
|
||||||
$result = is_numeric($requireClass) && $requireClass >= 0 && $requireClass < $userInfo['class'];
|
$result = is_numeric($requireClass) && $requireClass >= 0 && $requireClass < $userInfo['class'];
|
||||||
do_log("$log, requireClass: $requireClass, result: $result");
|
$log .= ", requireClass: $requireClass, result: $result";
|
||||||
|
} else {
|
||||||
|
$log .= ", get result: $result from filter nexus_user_can";
|
||||||
}
|
}
|
||||||
if (!$fail || $result) {
|
if (!$fail || $result) {
|
||||||
|
do_log($log);
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
do_log("$log, [FAIL]");
|
||||||
if (IN_NEXUS && !IN_TRACKER) {
|
if (IN_NEXUS && !IN_TRACKER) {
|
||||||
global $lang_functions;
|
global $lang_functions;
|
||||||
if (isset(User::$classes[$requireClass])) {
|
if (isset(User::$classes[$requireClass])) {
|
||||||
@@ -935,5 +939,5 @@ function user_can($permission, $fail = false, $uid = 0): bool
|
|||||||
stderr($lang_functions['std_error'], $lang_functions['std_permission_denied']);
|
stderr($lang_functions['std_error'], $lang_functions['std_permission_denied']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
throw new \Illuminate\Auth\Access\AuthorizationException();
|
throw new \App\Exceptions\InsufficientPermissionException();
|
||||||
}
|
}
|
||||||
|
|||||||
+1
-1
@@ -156,7 +156,7 @@ if (!$row) {
|
|||||||
if (user_can('askreseed') && $row['seeders'] == 0) {
|
if (user_can('askreseed') && $row['seeders'] == 0) {
|
||||||
$actions[] = "<a title=\"".$lang_details['title_ask_for_reseed']."\" href=\"takereseed.php?reseedid=$id\"><img class=\"dt_reseed\" src=\"pic/trans.gif\" alt=\"reseed\"> <b><font class=\"small\">".$lang_details['text_ask_for_reseed'] ."</font></b></a>";
|
$actions[] = "<a title=\"".$lang_details['title_ask_for_reseed']."\" href=\"takereseed.php?reseedid=$id\"><img class=\"dt_reseed\" src=\"pic/trans.gif\" alt=\"reseed\"> <b><font class=\"small\">".$lang_details['text_ask_for_reseed'] ."</font></b></a>";
|
||||||
}
|
}
|
||||||
if (user_can('torrentmanage') && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) {
|
if (user_can('torrent-approval') && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) {
|
||||||
$approvalIcon = '<svg t="1655224943277" class="icon" viewBox="0 0 1397 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="45530" width="16" height="16"><path d="M1396.363636 121.018182c0 0-223.418182 74.472727-484.072727 372.363636-242.036364 269.963636-297.890909 381.672727-390.981818 530.618182C512 1014.690909 372.363636 744.727273 0 549.236364l195.490909-186.181818c0 0 176.872727 121.018182 297.890909 344.436364 0 0 307.2-474.763636 902.981818-707.490909L1396.363636 121.018182 1396.363636 121.018182zM1396.363636 121.018182" p-id="45531" fill="#e78d0f"></path></svg>';
|
$approvalIcon = '<svg t="1655224943277" class="icon" viewBox="0 0 1397 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="45530" width="16" height="16"><path d="M1396.363636 121.018182c0 0-223.418182 74.472727-484.072727 372.363636-242.036364 269.963636-297.890909 381.672727-390.981818 530.618182C512 1014.690909 372.363636 744.727273 0 549.236364l195.490909-186.181818c0 0 176.872727 121.018182 297.890909 344.436364 0 0 307.2-474.763636 902.981818-707.490909L1396.363636 121.018182 1396.363636 121.018182zM1396.363636 121.018182" p-id="45531" fill="#e78d0f"></path></svg>';
|
||||||
$actions[] = sprintf(
|
$actions[] = sprintf(
|
||||||
'<a href="javascript:;"><b><font id="approval" class="small approval" data-torrent_id="%s">%s %s</font></b></a>',
|
'<a href="javascript:;"><b><font id="approval" class="small approval" data-torrent_id="%s">%s %s</font></b></a>',
|
||||||
|
|||||||
Reference in New Issue
Block a user