diff --git a/include/globalfunctions.php b/include/globalfunctions.php index 335940a5..997ca8e2 100644 --- a/include/globalfunctions.php +++ b/include/globalfunctions.php @@ -977,7 +977,7 @@ function clear_staff_message_cache() \App\Repositories\MessageRepository::updateStaffMessageCountCache(false); } -function user_can($permission, $fail = false, $uid = 0, $class = null): bool +function user_can($permission, $fail = false, $uid = 0): bool { $log = "permission: $permission, fail: $fail, user: $uid"; static $userCanCached = []; @@ -993,10 +993,8 @@ function user_can($permission, $fail = false, $uid = 0, $class = null): bool if (!$fail && isset($userCanCached[$permission][$uid])) { return $userCanCached[$permission][$uid]; } - if ($class === null) { - $userInfo = get_user_row($uid); - $class = $userInfo['class']; - } + $userInfo = get_user_row($uid); + $class = $userInfo['class']; $log .= ", userClass: $class"; if ($class == \App\Models\User::CLASS_STAFF_LEADER) { do_log("$log, CLASS_STAFF_LEADER, true"); diff --git a/lang/chs/lang_details.php b/lang/chs/lang_details.php index e1f5d9ed..f0f0b672 100644 --- a/lang/chs/lang_details.php +++ b/lang/chs/lang_details.php @@ -111,7 +111,8 @@ $lang_details = array 'text_dead' => "断种", 'row_health' => "活力度", 'text_anonymous' => "匿名", - 'text_edit_torrent' => "编辑/刪除", + 'text_edit_torrent' => "编辑", + 'text_edit_and_delete_torrent' => "编辑/刪除", 'title_edit_torrent' => "点击编辑或删除本种子", 'row_upped_by' => "由", 'text_click' => "点击", diff --git a/lang/cht/lang_details.php b/lang/cht/lang_details.php index a6b46761..f963817f 100644 --- a/lang/cht/lang_details.php +++ b/lang/cht/lang_details.php @@ -111,7 +111,8 @@ $lang_details = array 'text_dead' => "斷種", 'row_health' => "活力度", 'text_anonymous' => "匿名", - 'text_edit_torrent' => "編輯/刪除", + 'text_edit_torrent' => "編輯", + 'text_edit_and_delete_torrent' => "編輯/刪除", 'title_edit_torrent' => "點擊編輯或移除本種子", 'row_upped_by' => "由", 'text_click' => "點擊", diff --git a/lang/en/lang_details.php b/lang/en/lang_details.php index 7fd6a173..53621957 100644 --- a/lang/en/lang_details.php +++ b/lang/en/lang_details.php @@ -110,7 +110,8 @@ $lang_details = array 'text_dead' => "dead", 'row_health' => "Health", 'text_anonymous' => "Anonymous", - 'text_edit_torrent' => "Edit/Delete", + 'text_edit_torrent' => "Edit", + 'text_edit_and_delete_torrent' => "Edit/Delete", 'title_edit_torrent' => "Click to Edit or Delete this torrent", 'row_upped_by' => "Uploaded by", 'text_click' => "Click ", diff --git a/public/announce.php b/public/announce.php index 299374e7..6430c311 100644 --- a/public/announce.php +++ b/public/announce.php @@ -173,13 +173,17 @@ if (!$torrent) { err("torrent not registered with this tracker"); } -if (!user_can('seebanned', false, $az['id'], $az['class'])) { - if ($torrent['banned'] == 'yes') { +if ($torrent['banned'] == 'yes') { + if (!user_can('seebanned', false, $az['id'])) { err("torrent banned"); - } elseif ($torrent['approval_status'] != \App\Models\Torrent::APPROVAL_STATUS_ALLOW && get_setting('torrent.approval_status_none_visible') == 'no') { + } +} +if ($torrent['approval_status'] != \App\Models\Torrent::APPROVAL_STATUS_ALLOW && get_setting('torrent.approval_status_none_visible') == 'no') { + if (!user_can('seebanned', false, $az['id'])) { err("torrent review not approved"); } } + // select peers info from peers table for this torrent $torrentid = $torrent["id"]; $numpeers = $torrent["seeders"]+$torrent["leechers"]; diff --git a/public/delete.php b/public/delete.php index 9b66e804..0db79d51 100644 --- a/public/delete.php +++ b/public/delete.php @@ -4,7 +4,7 @@ dbconn(); require_once(get_langfile_path()); require_once(get_langfile_path("",true)); loggedinorreturn(); - +user_can('torrentmanage', true); function bark($msg) { global $lang_delete; stdhead(); diff --git a/public/details.php b/public/details.php index f5569865..9864a4f8 100644 --- a/public/details.php +++ b/public/details.php @@ -151,7 +151,7 @@ if (!$row) { $actions[] = "\"download\" ".$lang_details['text_download_torrent'].""; } if ($owned == 1) { - $actions[] = "<$editlink>\"edit\" ".$lang_details['text_edit_torrent'] . ""; + $actions[] = "<$editlink>\"edit\" ".(user_can('torrentmanage') ? $lang_details['text_edit_and_delete_torrent'] : $lang_details['text_edit_torrent']). ""; } if (user_can('askreseed') && $row['seeders'] == 0) { $actions[] = "\"reseed\" ".$lang_details['text_ask_for_reseed'] .""; diff --git a/public/edit.php b/public/edit.php index 915ea331..2d99b928 100644 --- a/public/edit.php +++ b/public/edit.php @@ -205,21 +205,23 @@ else { print(" \n"); print("\n"); print("\n"); - print("

"); - print("
\n"); - print("\n"); - if (isset($_GET["returnto"])) - print("\n"); - print("\n"); - print(""); - tr(" ".$lang_edit['radio_dead'], $lang_edit['text_dead_note'], 1); - tr(" ".$lang_edit['radio_dupe'], "", 1); - tr(" ".$lang_edit['radio_nuked'], "", 1); - tr(" ".$lang_edit['radio_rules'], "".$lang_edit['text_req'], 1); - tr(" ".$lang_edit['radio_other'], "".$lang_edit['text_req'], 1); - print("\n"); - print("
".$lang_edit['text_delete_torrent']."
"); - print("
\n"); + if (user_can('torrentmanage')) { + print("

"); + print("
\n"); + print("\n"); + if (isset($_GET["returnto"])) + print("\n"); + print("\n"); + print(""); + tr(" ".$lang_edit['radio_dead'], $lang_edit['text_dead_note'], 1); + tr(" ".$lang_edit['radio_dupe'], "", 1); + tr(" ".$lang_edit['radio_nuked'], "", 1); + tr(" ".$lang_edit['radio_rules'], "".$lang_edit['text_req'], 1); + tr(" ".$lang_edit['radio_other'], "".$lang_edit['text_req'], 1); + print("\n"); + print("
".$lang_edit['text_delete_torrent']."
"); + print("
\n"); + } $json_sticky_series = json_encode(array(4, 6, 12, 24, 36, 48, 72, 168, 360)); echo <<