Cavemanon/cavepaintings
7
Fork 2
Code Issues 3 Pull Requests Projects Releases Wiki Activity

use permissions for voting

Browse Source
This commit is contained in:
Shish
2023-02-24 05:32:23 +00:00
parent 36951db563
commit 6d41012f50
3 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
core/permissions.php
View File

@ -72,9 +72,13 @@ abstract class Permissions
public const SEND_PM = "send_pm"; public const SEND_PM = "send_pm";
public const READ_PM = "read_pm"; public const READ_PM = "read_pm";
public const VIEW_OTHER_PMS = "view_other_pms"; public const VIEW_OTHER_PMS = "view_other_pms";
public const EDIT_FEATURE = "edit_feature"; public const EDIT_FEATURE = "edit_feature";
public const CREATE_VOTE = "create_vote";
public const BULK_EDIT_VOTE = "bulk_edit_vote"; public const BULK_EDIT_VOTE = "bulk_edit_vote";
public const EDIT_OTHER_VOTE = "edit_other_vote"; public const EDIT_OTHER_VOTE = "edit_other_vote";
public const VIEW_SYSINTO = "view_sysinfo"; public const VIEW_SYSINTO = "view_sysinfo";
public const HELLBANNED = "hellbanned"; public const HELLBANNED = "hellbanned";

1
core/userclass.php
View File

@ -108,6 +108,7 @@ new UserClass("user", "base", [
Permissions::CREATE_IMAGE_REPORT => true, Permissions::CREATE_IMAGE_REPORT => true,
Permissions::EDIT_IMAGE_RATING => true, Permissions::EDIT_IMAGE_RATING => true,
Permissions::EDIT_FAVOURITES => true, Permissions::EDIT_FAVOURITES => true,
Permissions::CREATE_VOTE => true,
Permissions::SEND_PM => true, Permissions::SEND_PM => true,
Permissions::READ_PM => true, Permissions::READ_PM => true,
Permissions::SET_PRIVATE_IMAGE => true, Permissions::SET_PRIVATE_IMAGE => true,

8
ext/numeric_score/main.php
View File

@ -75,7 +75,7 @@ class NumericScoreVote
public static function create_vote(int $post_id, int $score): bool public static function create_vote(int $post_id, int $score): bool
{ {
global $user; global $user;
if (!$user->is_anonymous()) { if ($user->can(Permissions::CREATE_VOTE)) {
assert($score == 0 || $score == -1 || $score == 1); assert($score == 0 || $score == -1 || $score == 1);
send_event(new NumericScoreSetEvent($post_id, $user, $score)); send_event(new NumericScoreSetEvent($post_id, $user, $score));
return true; return true;
@ -107,7 +107,7 @@ class NumericScore extends Extension
public function onDisplayingImage(DisplayingImageEvent $event) public function onDisplayingImage(DisplayingImageEvent $event)
{ {
global $user; global $user;
if (!$user->is_anonymous()) { if ($user->can(Permissions::CREATE_VOTE)) {
$this->theme->get_voter($event->image); $this->theme->get_voter($event->image);
} }
} }
@ -150,7 +150,7 @@ class NumericScore extends Extension
} }
die($html); die($html);
} elseif ($event->page_matches("numeric_score_vote") && $user->check_auth_token()) { } elseif ($event->page_matches("numeric_score_vote") && $user->check_auth_token()) {
if (!$user->is_anonymous()) { if ($user->can(Permissions::CREATE_VOTE)) {
$image_id = int_escape($_POST['image_id']); $image_id = int_escape($_POST['image_id']);
$score = int_escape($_POST['vote']); $score = int_escape($_POST['vote']);
if (($score == -1 || $score == 0 || $score == 1) && $image_id>0) { if (($score == -1 || $score == 0 || $score == 1) && $image_id>0) {
@ -366,7 +366,7 @@ class NumericScore extends Extension
if (preg_match("/^vote[=|:](up|down|remove)$/", $event->term, $matches)) { if (preg_match("/^vote[=|:](up|down|remove)$/", $event->term, $matches)) {
global $user; global $user;
$score = ($matches[1] == "up" ? 1 : ($matches[1] == "down" ? -1 : 0)); $score = ($matches[1] == "up" ? 1 : ($matches[1] == "down" ? -1 : 0));
if (!$user->is_anonymous()) { if ($user->can(Permissions::CREATE_VOTE)) {
send_event(new NumericScoreSetEvent($event->image_id, $user, $score)); send_event(new NumericScoreSetEvent($event->image_id, $user, $score));
} }
} }