From 6009990935a2d06c252073f6b51ea5378536ef52 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Tue, 7 Oct 2014 10:16:38 +0200
Subject: Introduce FreshRSS_Auth::hasAccess('admin')

Replace Minz_Configuration::isAdmin($user). FreshRSS_Auth::hasAccess() could
be extended to others scopes later.

See https://github.com/marienfressinaud/FreshRSS/issues/655
---
 app/Controllers/usersController.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'app/Controllers/usersController.php')

diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index c2b1d163f..11862ce27 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -51,7 +51,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$this->view->conf->_apiPasswordHash($passwordHash);
 			}
 
-			if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+			if (FreshRSS_Auth::hasAccess('admin')) {
 				$this->view->conf->_mail_login(Minz_Request::param('mail_login', '', true));
 			}
 			$email = $this->view->conf->mail_login;
@@ -65,7 +65,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 				$ok &= (file_put_contents($personaFile, Minz_Session::param('currentUser', '_')) !== false);
 			}
 
-			if (Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+			if (FreshRSS_Auth::hasAccess('admin')) {
 				$current_token = $this->view->conf->token;
 				$token = Minz_Request::param('token', $current_token);
 				$this->view->conf->_token($token);
@@ -105,7 +105,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 	}
 
 	public function createAction() {
-		if (Minz_Request::isPost() && Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
 			$db = Minz_Configuration::dataBase();
 			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
@@ -177,7 +177,7 @@ class FreshRSS_users_Controller extends Minz_ActionController {
 	}
 
 	public function deleteAction() {
-		if (Minz_Request::isPost() && Minz_Configuration::isAdmin(Minz_Session::param('currentUser', '_'))) {
+		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
 			$db = Minz_Configuration::dataBase();
 			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
 
-- 
cgit v1.2.3