agnes/mourningdove
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3
mourningdove/cgi-bin/DW/Controller/Admin/CapEdit.pm

124 lines
3.6 KiB
Perl
Raw Normal View History

first!
2026-05-24 01:03:05 +00:00
#!/usr/bin/perl
#
# DW::Controller::Admin::CapEdit
#
# Edit user capabilities, which are listed in the site's config files; requires
# admin:capedit or payments:* privileges.
#
# Authors:
# foxfirefey <foxfirefey@gmail.com>
#
# Copyright (c) 2012 by Dreamwidth Studios, LLC.
#
# This program is free software; you may redistribute it and/or modify it under
# the same terms as Perl itself. For a copy of the license, please reference
# 'perldoc perlartistic' or 'perldoc perlgpl'.
#
package DW::Controller::Admin::CapEdit;
use strict;
use DW::Controller;
use DW::Controller::Admin;
use DW::Routing;
use DW::Template;
use LJ::User;
DW::Routing->register_string( "/admin/capedit/index", \&index_controller );
DW::Controller::Admin->register_admin_page(
'/',
path => 'capedit',
ml_scope => '/admin/capedit.tt',
privs => [
'admin:capedit',
'payments',
sub {
return ( $LJ::IS_DEV_SERVER, LJ::Lang::ml("/admin/index.tt.devserver") );
}
]
);
sub index_controller {
my ( $ok, $rv ) = controller( privcheck => [ "admin:capedit", "payments" ] );
return $rv unless $ok;
my $vars = {%$rv};
my $r = DW::Request->get;
my $args = $r->did_post ? $r->post_args : $r->get_args;
my @errors;
if ( $args->{user} ) {
my $user = LJ::canonical_username( $args->{user} );
my $u = $user ? LJ::load_user($user) : undef;
push @errors, "Unknown user: " . LJ::ehtml( $args->{user} ) unless $u;
$vars->{u} = $u;
# do this first so later when we construct the user caps it will be already there
if ( $r->did_post ) {
push @errors, "Invalid form auth" unless LJ::check_form_auth( $args->{lj_form_auth} );
unless (@errors) {
my @cap_add = ();
my @cap_del = ();
my $newcaps = $u->{caps};
foreach my $n ( sort { $a <=> $b } keys %LJ::CAP ) {
if ( $args->{"class_$n"} ) {
push @cap_add, $n;
$newcaps |= ( 1 << $n );
}
else {
push @cap_del, $n;
$newcaps &= ~( 1 << $n );
}
}
# note which caps were changed and log $logmsg to statushistory
my $add_txt = join( ",", @cap_add );
my $del_txt = join( ",", @cap_del );
my $remote = LJ::get_remote();
LJ::statushistory_add( $u->{userid}, $remote->{userid},
"capedit", "add: $add_txt, del: $del_txt\n" );
$u->modify_caps( \@cap_add, \@cap_del )
or push @errors, "Error: Unable to modify caps.";
# $u->{caps} is now updated in memory for later in this request
$u->{caps} = $newcaps;
# set this flag to let the template know we have saved
$vars->{save} = 1;
}
}
# make information for all of the caps based on the current info
my @caps;
foreach my $n ( sort { $a <=> $b } keys %LJ::CAP ) {
push @caps,
{
"n" => $n,
"on" => ( ( $u->{caps} + 0 ) & ( 1 << $n ) ) ? 1 : 0,
"name" => $LJ::CAP{$n}->{'_name'} || "Unnamed capability class #$n",
};
}
$vars->{caps} = \@caps;
}
else {
$vars->{u} = 0;
}
$vars->{error_list} = \@errors if @errors;
return DW::Template->render_template( 'admin/capedit.tt', $vars );
}
1;
Reference in a new issue Copy permalink