afuna ([personal profile] afuna) wrote in [site community profile] changelog2009-04-14 05:35 pm

[dw-free] Standardize handling of access to admin pages

[commit: http://hg.dwscoalition.org/dw-free/rev/c56a6080fdcd]

http://bugs.dwscoalition.org/show_bug.cgi?id=520

Standardize handling of access to /admin pages

Patch by [personal profile] owl.

Files modified:
  • bin/upgrading/en.dat
  • htdocs/admin/capedit.bml
  • htdocs/admin/clusterstatus.bml
  • htdocs/admin/dupkiller.bml
  • htdocs/admin/entryprops.bml
  • htdocs/admin/faq/faqedit.bml
  • htdocs/admin/faq/index.bml
  • htdocs/admin/fileedit/index.bml
  • htdocs/admin/invitecodes.bml
  • htdocs/admin/logout_user.bml
  • htdocs/admin/memcache.bml
  • htdocs/admin/memcache_view.bml
  • htdocs/admin/mysql_status.bml
  • htdocs/admin/navtag.bml
  • htdocs/admin/pay/import.bml
  • htdocs/admin/pay/index.bml
  • htdocs/admin/propedit.bml
  • htdocs/admin/qotd/add.bml
  • htdocs/admin/qotd/manage.bml
  • htdocs/admin/recent_comments.bml
  • htdocs/admin/schema/index.bml
  • htdocs/admin/schools/edit.bml
  • htdocs/admin/schools/merge.bml
  • htdocs/admin/schools/pending.bml
  • htdocs/admin/schools/rename.bml
  • htdocs/admin/sitemessages/add.bml
  • htdocs/admin/sitemessages/manage.bml
  • htdocs/admin/spamreports.bml
  • htdocs/admin/statushistory.bml
  • htdocs/admin/styleinfo.bml
  • htdocs/admin/sysban.bml
  • htdocs/admin/userlog.bml
--------------------------------------------------------------------------------
diff -r 0dce51041e9f -r c56a6080fdcd bin/upgrading/en.dat
--- a/bin/upgrading/en.dat	Wed Apr 15 01:02:50 2009 +0800
+++ b/bin/upgrading/en.dat	Tue Apr 14 17:34:07 2009 +0000
@@ -1,6 +1,8 @@
 ;; -*- coding: utf-8 -*-
 
 actionlink=[[[link]]]
+
+admin.noprivserror=Sorry, your account does not have the necessary [[?numprivs|privilege|privileges]] ([[?numprivs||one of ]][[needprivs]]) to use this tool.
 
 backlink=[<a href="[[link]]">&lt;&lt;</a> [[text]]]
 
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/capedit.bml
--- a/htdocs/admin/capedit.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/capedit.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -7,9 +7,12 @@
  my $mode = $FORM{'mode'};
 
  my $remote = LJ::get_remote();
- return "<b>Error:</b> not logged in" unless $remote;
- return "<b>Error:</b> no access"
-    unless $LJ::IS_DEV_SERVER || LJ::check_priv($remote, "admin", "*");
+ my @display_privs = ( "admin:capedit", "admin:*" );
+ my $numprivs = @display_privs;
+
+ return "<?needlogin?>" unless $remote;
+ return BML::ml ( "admin.noprivserror", { numpriv => $numprivs, needprivs => "<b>"  . join(", ", @display_privs) . "</b>"} )
+   unless $LJ::IS_DEV_SERVER || LJ::check_priv($remote, "admin", "*");
 
  $mode ||= $FORM{'user'} ? "viewuser" : "intro";
 
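Review bot: The hash passed to `BML::ml` on the new return line spells its key `numpriv`, while the `admin.noprivserror` string added to en.dat in this commit switches on `numprivs`, so the singular/plural selector gets no value on this page; the key should read `numprivs => $numprivs`. The displayed list also names `admin:capedit`, but the guard that follows tests only `LJ::check_priv($remote, "admin", "*")`, so the message may advertise a privilege that does not actually open the page; this is worth confirming against check_priv. The same three lines are pasted by hand into every admin page in this commit (the list is `@display_privs` in some files and `@displayprivs` in others), and one shared helper that takes the privilege list and performs both the check and the message would keep the enforced and the displayed privileges from drifting apart.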
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/clusterstatus.bml
--- a/htdocs/admin/clusterstatus.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/clusterstatus.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -6,9 +6,12 @@ body<=
     use strict;
 
     my $remote = LJ::get_remote();
+    my @display_privs = ( "supporthelp" );
+    my $numprivs = @display_privs;
+
     return "<?needlogin?>" unless $remote;
-    return "<?h1 Error h1?><?p You do not have the necessary privilege (supporthelp) to use this page. p?>"
-        unless LJ::check_priv($remote, 'supporthelp');
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join (", ", @display_privs) . "</b>" } )
+        unless LJ::check_priv($remote, "supporthelp");
 
     my $ret;
     foreach my $cid (@LJ::CLUSTERS) {
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/dupkiller.bml
--- a/htdocs/admin/dupkiller.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/dupkiller.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -7,9 +7,12 @@
     my $ret;
     my $remote = LJ::get_remote();
 
-    return "Not logged in" unless $remote;
-    return "<b>Error:</b> You don't have access to do this."
-	unless LJ::check_priv($remote, "supporthelp");
+    my @display_privs = ( "supporthelp" );
+    my $numprivs = @display_privs;
+
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @display_privs) . "</b>"} )
+        unless LJ::check_priv($remote, "supporthelp");
 
     unless (LJ::did_post()) {
 	$ret .= "<h1>duplicate entry killer</h1>\n";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/entryprops.bml
--- a/htdocs/admin/entryprops.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/entryprops.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -7,9 +7,11 @@ body<=
     use vars qw($ret %POST);
 
     my $remote = LJ::get_remote();
-    my $is_admin = LJ::check_priv($remote, "canview", "entryprops");
-    return BML::redirect("$LJ::SITEROOT/editjournal.bml")
-        unless $is_admin || $LJ::IS_DEV_SERVER;
+    my @display_privs = ( "canview:entryprops", "canview:*" );
+    my $numprivs = @display_privs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @display_privs) . "</b>"} )
+        unless $LJ::IS_DEV_SERVER || LJ::check_priv($remote, "canview", "entryprops");
 
     $ret .= "<form method='POST'>";
     $ret .= "View properties for URL: ";
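Review bot: Unlike the other admin pages touched in this commit, the new guard here has no `return "<?needlogin?>" unless $remote;` before it, so a logged-out visitor is told their account lacks `canview:entryprops` instead of being asked to log in. Adding that line above the `BML::ml` return would match the rest, with the caveat that the `$LJ::IS_DEV_SERVER` short-circuit currently lets anonymous requests through on a dev server and a login check placed first would end that. The surrounding `body<=` block starts and ends outside the hunk.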
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/faq/faqedit.bml
--- a/htdocs/admin/faq/faqedit.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/faq/faqedit.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -12,7 +12,7 @@ body<=
     use strict;
 
     # FIXME: add crumb
-
+    
     my $id = $FORM{id} + 0;
     my $ret = "";
 
@@ -21,6 +21,15 @@ body<=
     my $remote = LJ::get_remote();
     my %ac_edit;
     my %ac_add;
+
+    my @display_privs = ( "faqadd", "faqedit" );
+    my $numprivs =  @display_privs;
+
+    return "<?needlogin?>" unless $remote;
+    
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @display_privs) . "</b>"} )
+        unless LJ::check_priv($remote, "faqadd") || LJ::check_priv($remote, "faqedit");
+
     LJ::remote_has_priv( $remote, "faqadd", \%ac_add );
     LJ::remote_has_priv( $remote, "faqedit", \%ac_edit );
     my $faqd = LJ::Lang::get_dom( "faq" );
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/faq/index.bml
--- a/htdocs/admin/faq/index.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/faq/index.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -11,6 +11,13 @@ body<=
     my $dbh = LJ::get_db_writer();
 
     my $remote = LJ::get_remote();
+    my @display_privs = ( "faqadd", "faqedit" );
+    my $numprivs = @display_privs;
+
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @display_privs) . "</b>"} )
+        unless LJ::check_priv($remote, "faqadd") || LJ::check_priv($remote, "faqedit");
+
     my %ac_add;
     my %ac_edit;
     LJ::remote_has_priv( $remote, "faqadd", \%ac_add );
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/fileedit/index.bml
--- a/htdocs/admin/fileedit/index.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/fileedit/index.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -6,13 +6,16 @@
  my $DEF_COL = 80;
 
  my $remote = LJ::get_remote();
+ my @display_privs = ( "fileedit" );
+ my $numprivs = @display_privs;
 
  my %files = ();  # keys: files remote user has access to, value: 1
  my $INC_DIR = $LJ::BML_INC_DIR_ADMIN || $LJ::BML_INC_DIR || "$LJ::HTDOCS/inc";
 
- unless (LJ::remote_has_priv($remote, "fileedit", \%files)) {
-     return "You don't have access to edit any files, or you're not logged in.";
- }
+ return "<?needlogin?>" unless $remote;
+ return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @display_privs) . "</b>"})
+     unless (LJ::remote_has_priv($remote, "fileedit", \%files));
+ 
 
  my $valid_filename = sub 
  {
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/invitecodes.bml
--- a/htdocs/admin/invitecodes.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/invitecodes.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -9,11 +9,13 @@ body<=
     return LJ::server_down_html if ( $LJ::SERVER_DOWN );
     
     my $remote = LJ::get_remote;
+    my @displayprivs = ( "finduser:codetrace", "finduser:*" );
+    my $numprivs = @displayprivs;
     
     return "<?needlogin?>"
         unless $remote;
 
-    return BML::redirect( "$LJ::SITEROOT/manage/invitecodes.bml" )
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv( $remote, "finduser", "codetrace" );    
 
     my $ret;
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/logout_user.bml
--- a/htdocs/admin/logout_user.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/logout_user.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -9,8 +9,13 @@ body<=
     my $err = sub { return "<?h1 Error h1?><?p $_[0] p?>"; };
 
     my $remote = LJ::get_remote();
-    return $err->("Please login") unless $remote;
-    return $err->("No access") unless LJ::check_priv($remote, 'suspend');
+    my @displayprivs = ( "suspend" );
+    my $numprivs = @displayprivs;
+
+
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+        unless LJ::check_priv($remote, 'suspend');
 
     my $ret = "";
     
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/memcache.bml
--- a/htdocs/admin/memcache.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/memcache.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -8,8 +8,12 @@
     use Time::HiRes ();
 
     my $u = LJ::get_remote();
-    return "You must be logged in to view this tool." unless $u;
-    return "You don't have 'siteadmin' priv." unless LJ::check_priv($u, "siteadmin", "memcacheview");
+    my @displayprivs = ( "siteadmin:memcacheview", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return "<?needlogin?>" unless $u;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+        unless LJ::check_priv($u, "siteadmin", "memcacheview");
 
     my $prev_hits = $u ? LJ::MemCache::get([$u->{'userid'},"mcrate:$u->{'userid'}"]) : undef;
 
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/memcache_view.bml
--- a/htdocs/admin/memcache_view.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/memcache_view.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -10,8 +10,11 @@
 
 
  my $remote = LJ::get_remote();
+ my @displayprivs = ( "siteadmin:memcacheview", "siteadmin:*" );
+ my $numprivs = @displayprivs;
 
- return "<b>Error:</b> You don't have access to viewing memcache info."
+ return "<?needlogin?>" unless $remote;
+ return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
      unless (LJ::check_priv($remote, "siteadmin", "memcacheview") || $LJ::IS_DEV_SERVER);
 
  return "<b>Error:</b> No memcache servers defined."
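Review bot: The added `return "<?needlogin?>" unless $remote;` now runs before the guard that still contains `|| $LJ::IS_DEV_SERVER`, so the dev-server bypass no longer covers logged-out requests, which the old single guard allowed; statushistory.bml and styleinfo.bml gain the same ordering. If that tightening is intended, a short comment above the guard such as `# dev servers skip the priv check but still require a login` would record it. If it is not intended, the login check needs the same `$LJ::IS_DEV_SERVER` exception.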
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/mysql_status.bml
--- a/htdocs/admin/mysql_status.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/mysql_status.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -3,8 +3,12 @@
  my $format = $FORM{'format'} || "html";
 
  my $remote = LJ::get_remote();
- return"<b>Error:</b> You don't have access to administer databases."
- unless (LJ::check_priv($remote, "siteadmin", "mysqlstatus"));
+ my @displayprivs = ( "siteadmin:mysqlstatus", "siteadmin:*" );
+ my $numprivs = @displayprivs;
+
+ return "<?needlogin?>" unless $remote;
+ return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+     unless (LJ::check_priv($remote, "siteadmin", "mysqlstatus"));
 
  my $dbh = LJ::get_db_writer();
 
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/navtag.bml
--- a/htdocs/admin/navtag.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/navtag.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -13,10 +13,13 @@
     use vars qw(%GET %POST);
 
     my $remote = LJ::get_remote();
+    my @displayprivs = ( "siteadmin:navtag", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
     return "<?needlogin?>" unless $remote;
 
-    return "You do not have the privs to use this tool"
-	unless LJ::check_priv($remote, 'siteadmin', 'navtag');
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+        unless LJ::check_priv($remote, 'siteadmin', 'navtag');
 
     do "LJ/NavTag.pm";
     #use LJ::NavTag;
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/pay/import.bml
--- a/htdocs/admin/pay/import.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/pay/import.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -10,7 +10,11 @@
     use Date::Parse;
 
     my $remote = LJ::get_remote();
-    return "You don't have access to do that.\n"
+    my @displayprivs = ( "payments" );
+    my $numprivs = @displayprivs;
+
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'payments');
 
     my $body = '<h1>Payment Status Import Tool</h1>';
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/pay/index.bml
--- a/htdocs/admin/pay/index.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/pay/index.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -8,7 +8,11 @@
     use vars qw(%GET %POST);
 
     my $remote = LJ::get_remote();
-    return "You don't have access to do that.\n"
+    my @displayprivs = ( "payments" );
+    my $numprivs = @displayprivs;
+
+    return "<?needlogin?>" unless $remote; 
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'payments');
 
     my $body = '<h1>Payment Manager</h1>';
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/propedit.bml
--- a/htdocs/admin/propedit.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/propedit.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -21,7 +21,13 @@ body<=
     my $remote = LJ::get_remote();
     my $is_admin = LJ::check_priv( $remote, "canview", "userprops" );
     my $can_save = LJ::check_priv( $remote, "siteadmin", "propedit" );
-    return BML::redirect( "$LJ::SITEROOT" ) unless $is_admin;
+
+    my @displayprivs = ( "canview:userprops", "canview:*" );
+    my $numprivs = @displayprivs;
+
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+        unless $is_admin;
 
     $ret .= "<form method='POST'>";
     $ret .= "View properties for username: ";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/qotd/add.bml
--- a/htdocs/admin/qotd/add.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/qotd/add.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -7,11 +7,13 @@ body<=
     use Class::Autouse qw( LJ::QotD );
 
     my $remote = LJ::get_remote();
+    my @displayprivs = ( "siteadmin:qotd", "siteadmin:*" );
+    my $numprivs = @displayprivs;
 
     return "<?needlogin?>"
         unless $remote;
 
-    return "You are not allowed to view this page"
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'siteadmin', 'qotd') || $LJ::IS_DEV_SERVER;
 
     my $ret = "";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/qotd/manage.bml
--- a/htdocs/admin/qotd/manage.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/qotd/manage.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -11,7 +11,10 @@ body<=
     return "<?needlogin?>"
         unless $remote;
 
-    return "You are not allowed to view this page"
+    my @displayprivs = ( "siteadmin:qotd", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'siteadmin', 'qotd') || $LJ::IS_DEV_SERVER;
 
     my $ret = "";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/recent_comments.bml
--- a/htdocs/admin/recent_comments.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/recent_comments.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -7,8 +7,11 @@
     use vars qw(%GET %POST);
     my $ret;
     my $remote = LJ::get_remote();
+    my @displayprivs = ( "siteadmin:commentview", "siteadmin:*" );
+    my $numprivs = @displayprivs;
 
-    return "<b>Error:</b> You don't have access to viewing recent comments."
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, "siteadmin", "commentview");
 
     my $user = $GET{'user'};
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/schema/index.bml
--- a/htdocs/admin/schema/index.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/schema/index.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -9,15 +9,15 @@ body<=
  my $sth;
 
  my $remote = LJ::get_remote();
+ my @displayprivs = ( "schemadoc" );
+ my $numprivs = @displayprivs;
 
+ return "<?needlogin?>" unless $remote;
  my $can_doc = 0;
  if (LJ::remote_has_priv($remote, "schemadoc")) { $can_doc = 1; }
- unless ($can_doc) {
-     my $url = "/doc/server/ljp.dbschema.ref.html";
-     $body = "This page is for editing <a href=\"$url\">schema documentation</a>, ";
-     $body .= "but you don't have the 'schemadoc' priv.";
-     return $body;
- }
+ return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+     unless ($can_doc); 
+ 
 
  sub magic_links
  {
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/schools/edit.bml
--- a/htdocs/admin/schools/edit.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/schools/edit.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -30,7 +30,10 @@ body<=
     my $remote = LJ::get_remote();
     return "<?needlogin?>" unless $remote;
 
-    return $err->('You do not have access to use this tool.')
+    my @displayprivs = ( "siteadmin:school", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless (LJ::check_priv($remote, 'siteadmin', 'school'));
 
     my $sid = LJ::did_post() ? $POST{sid} : $GET{sid};
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/schools/merge.bml
--- a/htdocs/admin/schools/merge.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/schools/merge.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -17,8 +17,11 @@ body<=
     my $remote = LJ::get_remote();
     return "<?needlogin?>" unless $remote;
 
-    return $err->('You do not have access to use this tool.')
-        unless LJ::check_priv($remote, 'siteadmin', 'school');
+    my @displayprivs =( "siteadmin:school", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+       unless LJ::check_priv($remote, 'siteadmin', 'school');
 
     $ret .= "<?p [ <a href='index.bml'>&lt;&lt; Back to Admin Index</a> ] p?>";
 
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/schools/pending.bml
--- a/htdocs/admin/schools/pending.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/schools/pending.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -30,7 +30,10 @@ body<=
     my $remote = LJ::get_remote();
     return "<?needlogin?>" unless $remote;
 
-    return $err->('You do not have access to use this tool.')
+    my @displayprivs = ( "siteadmin:schoool", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless (LJ::check_priv($remote, 'siteadmin', 'school'));
 
     my $getextra = '';
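Review bot: The first entry of `@displayprivs` is misspelled as `siteadmin:schoool`, so the denial message names a privilege that does not exist while the check below it tests `'siteadmin', 'school'`. The line should read `my @displayprivs = ( "siteadmin:school", "siteadmin:*" );`, as in edit.bml, merge.bml and rename.bml.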
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/schools/rename.bml
--- a/htdocs/admin/schools/rename.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/schools/rename.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -15,7 +15,10 @@ body<=
     my $remote = LJ::get_remote();
     return "<?needlogin?>" unless $remote;
 
-    return $err->('You do not have access to use this tool.')
+    my @displayprivs = ( "siteadmin:school", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'siteadmin', 'school');
 
     $ret .= "<?p [ <a href='index.bml'>&lt;&lt; Back to Admin Index</a> ] p?>";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/sitemessages/add.bml
--- a/htdocs/admin/sitemessages/add.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/sitemessages/add.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -11,7 +11,9 @@ body<=
     return "<?needlogin?>"
         unless $remote;
 
-    return "You are not allowed to view this page"
+    my @displayprivs = ( "siteadmin:sitemessages", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'siteadmin', 'sitemessages') || $LJ::IS_DEV_SERVER;
 
     my $ret = "";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/sitemessages/manage.bml
--- a/htdocs/admin/sitemessages/manage.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/sitemessages/manage.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -11,7 +11,10 @@ body<=
     return "<?needlogin?>"
         unless $remote;
 
-    return "You are not allowed to view this page"
+    my @displayprivs = ( "siteadmin:sitemessages", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'siteadmin', 'sitemessages') || $LJ::IS_DEV_SERVER;
 
     my $ret = "";
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/spamreports.bml
--- a/htdocs/admin/spamreports.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/spamreports.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -32,11 +32,14 @@
     };
     # login check
     my $remote = LJ::get_remote();
-    return $error->("You must be logged in to be here.")
+    return $error->("<?needlogin?>")
         unless $remote;
     
     # priv check
-    return $error->("You do not have the necessary privilege to be here.")
+    my @displayprivs = ( "siteadmin:spamreports", "siteadmin:*" );
+    my $numprivs = @displayprivs;
+
+    return $error->(BML::ml("admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} ))
         unless LJ::check_priv($remote, 'siteadmin', 'spamreports');
 
     # show the top 10 spam reports by IP
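Review bot: The login check passes the `<?needlogin?>` tag through `$error->(...)`, whereas every other page in this commit returns the bare tag. `$error` is defined above the hunk (only its closing `};` is visible), so its effect cannot be confirmed here; if it wraps its argument in error markup like the `$err` closures in logout_user.bml and userlog.bml, the login prompt would be rendered inside an error heading. Returning it directly, `return "<?needlogin?>"`, keeps this page consistent with the rest.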
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/statushistory.bml
--- a/htdocs/admin/statushistory.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/statushistory.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -10,9 +10,12 @@
 
     # check privs
     my $remote = LJ::get_remote();
-    unless (LJ::check_priv($remote, "historyview") || $LJ::IS_DEV_SERVER) {
-        return "Sorry, you don't have access to view this page.";
-    }
+    my @displayprivs =( "historyview" );
+    my $numprivs = @displayprivs;
+
+    return "<?needlogin?>" unless $remote;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
+        unless (LJ::check_priv($remote, "historyview") || $LJ::IS_DEV_SERVER);
 
     my $ret;
 
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/styleinfo.bml
--- a/htdocs/admin/styleinfo.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/styleinfo.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -7,7 +7,12 @@ body<=
     use vars qw(%POST %GET);
 
     my $remote = LJ::get_remote();
-    BML::redirect("$LJ::SITEROOT/customize/")
+
+    return "<?needlogin?>" unless $remote;
+
+    my @displayprivs = ( "any support privilege" );
+    my $numprivs = @displayprivs;
+    return BML::ml( "admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::Support::has_any_support_priv($remote) || $LJ::IS_DEV_SERVER;
 
     my $ret;
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/sysban.bml
--- a/htdocs/admin/sysban.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/sysban.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -37,7 +37,10 @@ body<=
     my $remote = LJ::get_remote();
     return "<?needlogin?>" unless $remote;
 
-    return $err->("You do not have the necessary privilege to view this page.")
+    my @displayprivs = ( "sysban" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml("admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv( $remote, $priv );
 
     LJ::load_user_privs($remote, $priv)
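Review bot: The displayed list hard-codes `"sysban"` while the check two lines later uses `$priv`, which is set above the hunk; if `$priv` ever holds a different value the message will name the wrong privilege. Building the list from the same variable, `my @displayprivs = ( $priv );`, keeps the message tied to what is actually enforced.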
@@ -232,4 +235,3 @@ _code?>
 _code?>
 <=body
 page?>
-
diff -r 0dce51041e9f -r c56a6080fdcd htdocs/admin/userlog.bml
--- a/htdocs/admin/userlog.bml	Wed Apr 15 01:02:50 2009 +0800
+++ b/htdocs/admin/userlog.bml	Tue Apr 14 17:34:07 2009 +0000
@@ -30,7 +30,10 @@ body<=
         return "<?h1 Error h1?><?p $_[0] p?>";
     };
 
-    return $err->("You do not have the necessary privilege to view this page.")
+    my @displayprivs = ( "canview:userlog", "canview:*" );
+    my $numprivs = @displayprivs;
+
+    return BML::ml("admin.noprivserror", { numprivs => $numprivs, needprivs => "<b>" . join(", ", @displayprivs) . "</b>"} )
         unless LJ::check_priv($remote, 'canview', 'userlog') ||
                LJ::check_priv($remote, 'canview', '*');
 
--------------------------------------------------------------------------------