Updating controllers to a cleaner way of requiring the current user to be an administrator.

Closes #654
This commit is contained in:
Dan Cryer 2014-12-03 10:28:44 +00:00
parent 951e3b4827
commit d6a700da59
6 changed files with 33 additions and 30 deletions


@ -72,10 +72,23 @@ class Controller extends \b8\Controller
return $this->response;
}
/**
* Require that the currently logged in user is an administrator.
* @throws ForbiddenException
*/
protected function requireAdmin()
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
if (!$this->currentUserIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
}
/**
* Check if the currently logged in user is an administrator.
* @return bool
*/
protected function currentUserIsAdmin()
{
return $_SESSION['phpci_user']->getIsAdmin();
}
}
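Review bot: currentUserIsAdmin() on line 32 dereferences `$_SESSION['phpci_user']` without checking that it is set, so an unauthenticated request to any action that now calls requireAdmin() dies with a method-call-on-null error instead of the ForbiddenException the docblock on line 17 promises. The `empty($_SESSION['phpci_user'])` guard that BuildController::delete carried before this commit was dropped in favour of this helper, so the guard belongs here: `return !empty($_SESSION['phpci_user']) && $_SESSION['phpci_user']->getIsAdmin();`. With that one change requireAdmin() fails closed for both the missing-user and the non-admin case, and every call site this commit adds in BuildController, PluginController, ProjectController, SettingsController and UserController inherits the fix.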


@ -70,7 +70,7 @@ class BuildController extends \PHPCI\Controller
),
);
if ($_SESSION['phpci_user']->getIsAdmin()) {
if ($this->currentUserIsAdmin()) {
$nav['links']['build/delete/' . $build->getId()] = 'Delete Build';
}
@ -156,9 +156,7 @@ class BuildController extends \PHPCI\Controller
*/
public function delete($buildId)
{
if (empty($_SESSION['phpci_user']) || !$_SESSION['phpci_user']->getIsAdmin()) {
throw new \Exception('You do not have permission to do that.');
}
$this->requireAdmin();
$build = BuildFactory::getBuildById($buildId);
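Review bot: requireAdmin() on line 52 settles who may call delete(), but not whether the request was intentional: the action is reached from the plain `build/delete/<id>` navigation link added to $nav on line 43, and if that link is served as a GET, a logged-in administrator can be made to delete a build by merely visiting a page that references the URL. Consider having delete() accept only POST, or verify a CSRF token, before the BuildFactory lookup; the body continues past the hunk so I cannot tell whether such a check already exists further down. The thrown type also changes from \Exception to ForbiddenException here, which is the right direction but worth noting for whatever maps exceptions to HTTP status codes.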


@ -44,9 +44,7 @@ class PluginController extends \PHPCI\Controller
public function index()
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new \Exception('You do not have permission to do that.');
}
$this->requireAdmin();
$this->view->canWrite = is_writable(APPLICATION_PATH . 'composer.json');
$this->view->required = $this->required;
@ -72,9 +70,7 @@ class PluginController extends \PHPCI\Controller
public function remove()
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new \Exception('You do not have permission to do that.');
}
$this->requireAdmin();
$package = $this->getParam('package', null);
$json = $this->getComposerJson();
@ -93,9 +89,7 @@ class PluginController extends \PHPCI\Controller
public function install()
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new \Exception('You do not have permission to do that.');
}
$this->requireAdmin();
$package = $this->getParam('package', null);
$version = $this->getParam('version', '*');
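Review bot: requireAdmin() restricts remove() and install() to administrators, but the `package` parameter (lines 73 and 82, defaulting to null when absent) and `version` (line 83) still come straight from the request and, as far as this hunk shows, flow on unvalidated; both bodies continue outside the hunk. Since getComposerJson() on line 74 suggests these values end up in composer.json, which drives code installation, it is worth rejecting anything that is not a well-formed package name and version constraint before the file is touched, even for admin-only actions. An illustrative guard (pattern is a constructed simplification of Composer's vendor/name rule): `if (!is_string($package) || !preg_match('#^[a-z0-9_.-]+/[a-z0-9_.-]+$#i', $package)) { throw new \InvalidArgumentException('Invalid package name.'); }`.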


@ -122,9 +122,7 @@ class ProjectController extends \PHPCI\Controller
*/
public function delete($projectId)
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
$this->requireAdmin();
$project = $this->projectStore->getById($projectId);
$this->projectService->deleteProject($project);
@ -227,9 +225,7 @@ class ProjectController extends \PHPCI\Controller
*/
public function edit($projectId)
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
$this->requireAdmin();
$method = $this->request->getMethod();
$project = $this->projectStore->getById($projectId);
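Review bot: delete() on lines 95-96 hands the result of `$this->projectStore->getById($projectId)` straight to deleteProject() with no check that a project was found, whereas UserController::delete in this same commit guards its lookup with `if (empty($user))`. Unless getById throws on an unknown id (the store is not visible here), an unknown $projectId reaches deleteProject() as null; add the same guard after line 95, `if (empty($project)) { throw ... }`, using whichever exception the controller already raises for a missing record. edit() on line 106 performs the same lookup and its body continues outside the hunk, so it likely needs the same check.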


@ -38,6 +38,8 @@ class SettingsController extends Controller
public function index()
{
$this->requireAdmin();
$this->layout->title = 'Settings';
$this->view->settings = $this->settings;
@ -65,6 +67,8 @@ class SettingsController extends Controller
public function github()
{
$this->requireAdmin();
$this->settings['phpci']['github']['id'] = $this->getParam('githubid', '');
$this->settings['phpci']['github']['secret'] = $this->getParam('githubsecret', '');
$error = $this->storeSettings();
@ -80,6 +84,8 @@ class SettingsController extends Controller
public function email()
{
$this->requireAdmin();
$this->settings['phpci']['email_settings'] = $this->getParams();
$this->settings['phpci']['email_settings']['smtp_encryption'] = $this->getParam('smtp_encryption', 0);
@ -96,6 +102,8 @@ class SettingsController extends Controller
public function build()
{
$this->requireAdmin();
$this->settings['phpci']['build'] = $this->getParams();
$error = $this->storeSettings();
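Review bot: every action in SettingsController now opens with `$this->requireAdmin();` (lines 113, 119, 126 and 132), which means any action added later without that line is silently open to every logged-in user. Since the whole controller is admin-only, the check would be safer in one place, the controller's constructor or whichever per-request initialisation hook the base Controller offers (not visible in this hunk), so that admin-only is the default rather than something each action opts into. The per-action calls could then be removed, or left in place as belt-and-braces.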


@ -115,9 +115,7 @@ class UserController extends Controller
*/
public function add()
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
$this->requireAdmin();
$this->layout->title = 'Add User';
@ -157,9 +155,7 @@ class UserController extends Controller
*/
public function edit($userId)
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
$this->requireAdmin();
$method = $this->request->getMethod();
$user = $this->userStore->getById($userId);
@ -253,10 +249,8 @@ class UserController extends Controller
*/
public function delete($userId)
{
if (!$_SESSION['phpci_user']->getIsAdmin()) {
throw new ForbiddenException('You do not have permission to do that.');
}
$this->requireAdmin();
$user = $this->userStore->getById($userId);
if (empty($user)) {