Start assigning permissions to the hooks.

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>

diff --git a/classes/user.php b/classes/user.php
index 8b9122f..0f42867 100644 (file)
--- a/classes/user.php
+++ b/classes/user.php
@@ -185,7 +185,7 @@ class User extends PlUser
                                       IF (ab.alias IS NULL, NULL, CONCAT(ab.alias, \'@' . $globals->mail->domain2 . '\')) AS bestalias_alternate,
                                       a.email, a.full_name, a.directory_name, a.display_name, a.sex = \'female\' AS gender,
                                       IF(a.state = \'active\', CONCAT(at.perms, \',\', IF(a.user_perms IS NULL, \'\', a.user_perms)), \'\') AS perms,
-                                      a.email_format, a.is_admin, a.state, a.type, a.skin,
+                                      a.user_perms, a.email_format, a.is_admin, a.state, a.type, a.skin,
                                       FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment,
                                       a.weak_password IS NOT NULL AS weak_access, g.g_account_name IS NOT NULL AS googleapps,
                                       a.token IS NOT NULL AS token_access, a.token, a.last_version,

diff --git a/modules/email.php b/modules/email.php
index 794ec39..bfcbf06 100644 (file)
--- a/modules/email.php
+++ b/modules/email.php
@@ -24,14 +24,14 @@ class EmailModule extends PLModule
     function handlers()
     {
         return array(
-            'emails'                  => $this->make_hook('emails',      AUTH_COOKIE),
-            'emails/alias'            => $this->make_hook('alias',       AUTH_MDP),
-            'emails/antispam'         => $this->make_hook('antispam',    AUTH_MDP),
+            'emails'                  => $this->make_hook('emails',      AUTH_COOKIE, 'mail'),
+            'emails/alias'            => $this->make_hook('alias',       AUTH_MDP,    'mail'),
+            'emails/antispam'         => $this->make_hook('antispam',    AUTH_MDP,    'mail'),
             'emails/broken'           => $this->make_hook('broken',      AUTH_COOKIE),
-            'emails/redirect'         => $this->make_hook('redirect',    AUTH_MDP),
-            'emails/send'             => $this->make_hook('send',        AUTH_MDP),
+            'emails/redirect'         => $this->make_hook('redirect',    AUTH_MDP,    'mail'),
+            'emails/send'             => $this->make_hook('send',        AUTH_MDP,    'mail'),
             'emails/antispam/submit'  => $this->make_hook('submit',      AUTH_COOKIE),
-            'emails/test'             => $this->make_hook('test',        AUTH_COOKIE, 'user', NO_AUTH),
+            'emails/test'             => $this->make_hook('test',        AUTH_COOKIE, 'mail', NO_AUTH),
 
             'emails/rewrite/in'       => $this->make_hook('rewrite_in',  AUTH_PUBLIC),
             'emails/rewrite/out'      => $this->make_hook('rewrite_out', AUTH_PUBLIC),

diff --git a/modules/forums.php b/modules/forums.php
index c34b22c..577791b 100644 (file)
--- a/modules/forums.php
+++ b/modules/forums.php
@@ -24,8 +24,8 @@ class ForumsModule extends PLModule
     function handlers()
     {
         return array(
-            'banana'         => $this->make_hook('banana',      AUTH_COOKIE),
-            'banana/rss'     => $this->make_hook('rss',         AUTH_PUBLIC, 'user', NO_HTTPS),
+            'banana'         => $this->make_hook('banana',      AUTH_COOKIE, 'forums'),
+            'banana/rss'     => $this->make_hook('rss',         AUTH_PUBLIC, 'forums', NO_HTTPS),
             'admin/forums'   => $this->make_hook('forums_bans', AUTH_MDP,    'admin'),
         );
     }

diff --git a/modules/lists.php b/modules/lists.php
index 9979e84..eeeb2d4 100644 (file)
--- a/modules/lists.php
+++ b/modules/lists.php
@@ -26,24 +26,24 @@ class ListsModule extends PLModule
     function handlers()
     {
         return array(
-            'lists'           => $this->make_hook('lists',     AUTH_MDP),
-            'lists/ajax'      => $this->make_hook('ajax',      AUTH_MDP,    'user', NO_AUTH),
-            'lists/create'    => $this->make_hook('create',    AUTH_MDP),
-
-            'lists/members'   => $this->make_hook('members',   AUTH_COOKIE),
-            'lists/csv'       => $this->make_hook('csv',       AUTH_COOKIE),
-            'lists/annu'      => $this->make_hook('annu',      AUTH_COOKIE),
-            'lists/archives'  => $this->make_hook('archives',  AUTH_COOKIE),
-            'lists/archives/rss' => $this->make_hook('rss',    AUTH_PUBLIC, 'user', NO_HTTPS),
-
-            'lists/moderate'  => $this->make_hook('moderate',  AUTH_MDP),
-            'lists/admin'     => $this->make_hook('admin',     AUTH_MDP),
-            'lists/options'   => $this->make_hook('options',   AUTH_MDP),
-            'lists/delete'    => $this->make_hook('delete',    AUTH_MDP),
-
-            'lists/soptions'  => $this->make_hook('soptions',  AUTH_MDP),
-            'lists/check'     => $this->make_hook('check',     AUTH_MDP),
-            'admin/lists'     => $this->make_hook('admin_all', AUTH_MDP,    'admin'),
+            'lists'           => $this->make_hook('lists',     AUTH_MDP, 'lists'),
+            'lists/ajax'      => $this->make_hook('ajax',      AUTH_MDP, 'lists', NO_AUTH),
+            'lists/create'    => $this->make_hook('create',    AUTH_MDP, 'lists'),
+
+            'lists/members'   => $this->make_hook('members',   AUTH_COOKIE, 'lists'),
+            'lists/csv'       => $this->make_hook('csv',       AUTH_COOKIE, 'lists'),
+            'lists/annu'      => $this->make_hook('annu',      AUTH_COOKIE, 'lists'),
+            'lists/archives'  => $this->make_hook('archives',  AUTH_COOKIE, 'lists'),
+            'lists/archives/rss' => $this->make_hook('rss',    AUTH_PUBLIC, 'lists', NO_HTTPS),
+
+            'lists/moderate'  => $this->make_hook('moderate',  AUTH_MDP, 'lists'),
+            'lists/admin'     => $this->make_hook('admin',     AUTH_MDP, 'lists'),
+            'lists/options'   => $this->make_hook('options',   AUTH_MDP, 'lists'),
+            'lists/delete'    => $this->make_hook('delete',    AUTH_MDP, 'lists'),
+
+            'lists/soptions'  => $this->make_hook('soptions',  AUTH_MDP, 'lists'),
+            'lists/check'     => $this->make_hook('check',     AUTH_MDP, 'lists'),
+            'admin/lists'     => $this->make_hook('admin_all', AUTH_MDP, 'admin'),
         );
     }
 

diff --git a/modules/payment.php b/modules/payment.php
index 1578a96..86e0e90 100644 (file)
--- a/modules/payment.php
+++ b/modules/payment.php
@@ -90,7 +90,7 @@ class PaymentModule extends PLModule
     function handlers()
     {
         return array(
-            'payment'                    => $this->make_hook('payment',       AUTH_MDP),
+            'payment'                    => $this->make_hook('payment',       AUTH_MDP,    'payment'),
             'payment/cyber_return'       => $this->make_hook('cyber_return',  AUTH_PUBLIC, 'user', NO_HTTPS),
             'payment/cyber2_return'      => $this->make_hook('cyber2_return', AUTH_PUBLIC, 'user', NO_HTTPS),
             'payment/paypal_return'      => $this->make_hook('paypal_return', AUTH_PUBLIC, 'user', NO_HTTPS),

diff --git a/modules/platal.php b/modules/platal.php
index 9d8c205..c558b49 100644 (file)
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -45,13 +45,13 @@ class PlatalModule extends PLModule
             // Preferences thingies
             'prefs'             => $this->make_hook('prefs',     AUTH_COOKIE),
             'prefs/rss'         => $this->make_hook('prefs_rss', AUTH_COOKIE),
-            'prefs/webredirect' => $this->make_hook('webredir',  AUTH_MDP),
+            'prefs/webredirect' => $this->make_hook('webredir',  AUTH_MDP, 'mail'),
             'prefs/skin'        => $this->make_hook('skin',      AUTH_COOKIE),
 
             // password related thingies
             'password'          => $this->make_hook('password',  AUTH_MDP),
             'tmpPWD'            => $this->make_hook('tmpPWD',    AUTH_PUBLIC),
-            'password/smtp'     => $this->make_hook('smtppass',  AUTH_MDP),
+            'password/smtp'     => $this->make_hook('smtppass',  AUTH_MDP, 'mail'),
             'recovery'          => $this->make_hook('recovery',  AUTH_PUBLIC),
             'exit'              => $this->make_hook('exit',      AUTH_PUBLIC),
             'review'            => $this->make_hook('review',    AUTH_PUBLIC),