Use User::can('post.delete')

beaver-dev · beaver-dev · commit a08af9a03ee5 · 2016-04-16T18:12:36.000+02:00
diff --git a/featherbb/Controller/Post.php b/featherbb/Controller/Post.php
@@ -259,7 +259,7 @@ public function editpost($req, $res, $args)
         }
 
         // Do we have permission to edit this post?
-        if ((User::get()->g_edit_posts == '0' || $cur_post['poster_id'] != User::get()->id || $cur_post['closed'] == '1') && !$is_admmod) {
+        if ((!User::can('post.edit') || $cur_post['poster_id'] != User::get()->id || $cur_post['closed'] == '1') && !$is_admmod) {
             throw new Error(__('No permission'), 403);
         }
 
diff --git a/featherbb/Model/Topic.php b/featherbb/Model/Topic.php
@@ -957,7 +957,7 @@ public function print_posts($topic_id, $start_from, $cur_topic, $is_admmod)
                         if ((($start_from + $post_count) == 1 && User::can('topic.delete')) || (($start_from + $post_count) > 1 && User::can('post.delete'))) {
                             $cur_post['post_actions'][] = '<li class="postdelete"><span><a href="'.Router::pathFor('deletePost', ['id' => $cur_post['id']]).'">'.__('Delete').'</a></span></li>';
                         }
-                        if (User::get()->g_edit_posts == '1') {
+                        if (User::can('post.edit')) {
                             $cur_post['post_actions'][] = '<li class="postedit"><span><a href="'.Router::pathFor('editPost', ['id' => $cur_post['id']]).'">'.__('Edit').'</a></span></li>';
                         }
                     }

Original file line number	Diff line number	Diff line change
`@@ -259,7 +259,7 @@ public function editpost($req, $res, $args)`
`259`	`259`	`}`
`260`	`260`
`261`	`261`	`// Do we have permission to edit this post?`
`262`		`- if ((User::get()->g_edit_posts == '0' \|\| $cur_post['poster_id'] != User::get()->id \|\| $cur_post['closed'] == '1') && !$is_admmod) {`
	`262`	`+ if ((!User::can('post.edit') \|\| $cur_post['poster_id'] != User::get()->id \|\| $cur_post['closed'] == '1') && !$is_admmod) {`
`263`	`263`	`throw new Error(__('No permission'), 403);`
`264`	`264`	`}`
`265`	`265`
Original file line number	Diff line number	Diff line change
`@@ -957,7 +957,7 @@ public function print_posts($topic_id, $start_from, $cur_topic, $is_admmod)`
`957`	`957`	`if ((($start_from + $post_count) == 1 && User::can('topic.delete')) \|\| (($start_from + $post_count) > 1 && User::can('post.delete'))) {`
`958`	`958`	`$cur_post['post_actions'][] = '<li class="postdelete"><span><a href="'.Router::pathFor('deletePost', ['id' => $cur_post['id']]).'">'.__('Delete').'</a></span></li>';`
`959`	`959`	`}`
`960`		`- if (User::get()->g_edit_posts == '1') {`
	`960`	`+ if (User::can('post.edit')) {`
`961`	`961`	`$cur_post['post_actions'][] = '<li class="postedit"><span><a href="'.Router::pathFor('editPost', ['id' => $cur_post['id']]).'">'.__('Edit').'</a></span></li>';`
`962`	`962`	`}`
`963`	`963`	`}`