diff options
| author | Dries Buytaert <dries@buytaert.net> | 2001-06-20 20:00:40 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2001-06-20 20:00:40 +0000 |
| commit | 72065fb8351b54eee5f1928c18e06ad81aa9b502 (patch) | |
| tree | 59052fb790134eed81b52b69150a1e231bd44083 /includes/common.inc | |
| parent | 7752dc4c7c4cffda07152d8ee89bce05f16a5d6c (diff) | |
| download | brdo-72065fb8351b54eee5f1928c18e06ad81aa9b502.tar.gz brdo-72065fb8351b54eee5f1928c18e06ad81aa9b502.tar.bz2 | |
- Added a brand-new access.module which allows you to manage 'roles'
(groups) and 'permissions' ... (inspired by Zope's system).
+ Once installed, click the help-link for more information.
+ See updates/2.00-to-x.xx.sql for the SQL updates.
- Modified loads of code to use our new access.module. The system
still has to mature though: new permissions have to be added and
existing permissions need stream-lining. Awaiting suggestions.
- As a direct result of the new access system, I had to rewrite the
way the top-level links in admin.php are rendered and displayed,
and xhtml-ified admin.php while I was at it.
TODO
- Home-brewed modules need updating, home-brewed themes not.
(Examples: file.module, trip_link.module)
- As soon we *finished* the refactoring of the user system (KJ has
been working on this refactoring already) we should consider to
embed this role and permission code into account.module ...
Diffstat (limited to 'includes/common.inc')
| -rw-r--r-- | includes/common.inc | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/includes/common.inc b/includes/common.inc index 2fc7c8a42..778f87a39 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -25,7 +25,7 @@ function watchdog($type, $message) { function throttle($type, $rate) { global $user; - if (!user_access($user)) { + if (!user_access($user, "access administration pages")) { if ($throttle = db_fetch_object(db_query("SELECT * FROM watchdog WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) { watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type"); die(message_throttle()); @@ -46,8 +46,8 @@ function path_img() { return "./images/"; } -function message_account() { - return t("This page requires a valid user account. Please <A HREF=\"account.php\">create a user account</A> and <A HREF=\"account.php\">login</A> prior to accessing it."); +function message_access() { + return t("You are not authorized to access to this page."); } function message_throttle() { @@ -136,7 +136,7 @@ function format_date($timestamp, $type = "medium", $format = "") { function format_username($username) { global $user; - if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>"); + if ($username) return (user_access($user, "add and edit user accounts") ? "<A HREF=\"admin.php?mod=account&op=view&name=". urlencode($username) ."\">$username</A>" : "<A HREF=\"account.php?op=view&name=". urlencode($username) ."\">$username</A>"); else return variable_get(anonymous, "Anonymous"); } |