badmanners/shimmie2
badmanners/shimmie2
Archived
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

use permissions for voting

Browse source
This commit is contained in:
Shish 2023-02-24 05:32:23 +00:00
parent 36951db563
commit 6d41012f50
3 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
core/permissions.php
View file

@ -72,9 +72,13 @@ abstract class Permissions
public const SEND_PM = "send_pm";
public const READ_PM = "read_pm";
public const VIEW_OTHER_PMS = "view_other_pms";
public const EDIT_FEATURE = "edit_feature";
public const CREATE_VOTE = "create_vote";
public const BULK_EDIT_VOTE = "bulk_edit_vote";
public const EDIT_OTHER_VOTE = "edit_other_vote";
public const VIEW_SYSINTO = "view_sysinfo";
public const HELLBANNED = "hellbanned";

1
core/userclass.php
View file

@ -108,6 +108,7 @@ new UserClass("user", "base", [
Permissions::CREATE_IMAGE_REPORT => true,
Permissions::EDIT_IMAGE_RATING => true,
Permissions::EDIT_FAVOURITES => true,
Permissions::CREATE_VOTE => true,
Permissions::SEND_PM => true,
Permissions::READ_PM => true,
Permissions::SET_PRIVATE_IMAGE => true,

8
ext/numeric_score/main.php
View file

@ -75,7 +75,7 @@ class NumericScoreVote
public static function create_vote(int $post_id, int $score): bool
{
global $user;
if (!$user->is_anonymous()) {
if ($user->can(Permissions::CREATE_VOTE)) {
assert($score == 0 || $score == -1 || $score == 1);
send_event(new NumericScoreSetEvent($post_id, $user, $score));
return true;
@ -107,7 +107,7 @@ class NumericScore extends Extension
public function onDisplayingImage(DisplayingImageEvent $event)
{
global $user;
if (!$user->is_anonymous()) {
if ($user->can(Permissions::CREATE_VOTE)) {
$this->theme->get_voter($event->image);
}
}
@ -150,7 +150,7 @@ class NumericScore extends Extension
}
die($html);
} elseif ($event->page_matches("numeric_score_vote") && $user->check_auth_token()) {
if (!$user->is_anonymous()) {
if ($user->can(Permissions::CREATE_VOTE)) {
$image_id = int_escape($_POST['image_id']);
$score = int_escape($_POST['vote']);
if (($score == -1 || $score == 0 || $score == 1) && $image_id>0) {
@ -366,7 +366,7 @@ class NumericScore extends Extension
if (preg_match("/^vote[=|:](up|down|remove)$/", $event->term, $matches)) {
global $user;
$score = ($matches[1] == "up" ? 1 : ($matches[1] == "down" ? -1 : 0));
if (!$user->is_anonymous()) {
if ($user->can(Permissions::CREATE_VOTE)) {
send_event(new NumericScoreSetEvent($event->image_id, $user, $score));
}
}