From 6009990935a2d06c252073f6b51ea5378536ef52 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Tue, 7 Oct 2014 10:16:38 +0200
Subject: Introduce FreshRSS_Auth::hasAccess('admin')

Replace Minz_Configuration::isAdmin($user). FreshRSS_Auth::hasAccess() could
be extended to others scopes later.

See https://github.com/marienfressinaud/FreshRSS/issues/655
---
 app/Models/Auth.php | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

(limited to 'app/Models/Auth.php')

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index c4a3abd98..992b444a5 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -99,12 +99,23 @@ class FreshRSS_Auth {
 	}
 
 	/**
-	 * Returns if current user is connected.
+	 * Returns if current user has access to the given scope.
 	 *
-	 * @return boolean true if user is connected, false else.
+	 * @param string $scope general (default) or admin
+	 * @return boolean true if user has corresponding access, false else.
 	 */
-	public static function hasAccess() {
-		return self::$login_ok;
+	public static function hasAccess($scope = 'general') {
+		$ok = self::$login_ok;
+		switch ($scope) {
+		case 'general':
+			break;
+		case 'admin':
+			$ok &= Minz_Session::param('currentUser') === Minz_Configuration::defaultUser();
+			break;
+		default:
+			$ok = false;
+		}
+		return $ok;
 	}
 
 	/**
-- 
cgit v1.2.3