Refactoring user permissions

2026-04-15 05:00:49 +08:00 · 2022-08-20 19:11:28 +08:00
parent 3046837576
commit b79762686a
73 changed files with 945 additions and 326 deletions
--- a/public/modtask.php
+++ b/public/modtask.php
@@ -11,7 +11,7 @@ function puke()
 	stderr("Error", "Permission denied. For security reason, we logged this action");
 }

-if (get_user_class() < $prfmanage_class)
+if (!user_can('prfmanage'))
 	puke();

 $action = $_POST["action"];
@@ -87,11 +87,11 @@ if ($action == "edituser")
 	$updateset[] = "supportlang = ".sqlesc($supportlang);
    $banLog = [];

-	if(get_user_class()<=$cruprfmanage_class)
+	if(!user_can('cruprfmanage'))
 	{
 		$modcomment = $arr["modcomment"];
 	}
-	if(get_user_class() >= $cruprfmanage_class)
+	if(user_can('cruprfmanage'))
 	{
 		$email = $_POST["email"];
 		$username = $_POST["username"];