From 991497ceb381d1ab6bc79db8bfad4405c8bbd008 Mon Sep 17 00:00:00 2001
From: Christian Weiske <cweiske@cweiske.de>
Date: Thu, 8 May 2014 23:09:41 +0200
Subject: show remote fork button only if user cannot write

---
 data/templates/display-head.htm |  6 ++++++
 src/phorkie/HtmlHelper.php      | 22 ++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/data/templates/display-head.htm b/data/templates/display-head.htm
index f610f84..aa7daec 100644
--- a/data/templates/display-head.htm
+++ b/data/templates/display-head.htm
@@ -8,13 +8,19 @@
  <div class="span2 pull-right">
   <form method="post" action="{{repo.getLink('fork')}}">
    <div class="btn-group pull-right">
+    {% if htmlhelper.mayWriteLocally %}
     <button type="submit" class="btn"><i class="icon-share"></i> fork</button>
+    {% else %}
+    <a class="btn" href="{{repo.getLink('remotefork')}}"><i class="icon-share"></i> Fork to remote system</a>
+    {% endif %}
     <button class="btn dropdown-toggle" data-toggle="dropdown">
      <span class="caret"></span>
     </button>
     <ul class="dropdown-menu">
+     {% if htmlhelper.mayWriteLocally %}
      <li><a href="{{repo.getLink('remotefork')}}"><i class="icon-share"></i> Fork to remote system</a></li>
      <li class="divider"></li>
+     {% endif %}
      <li><a href="help#remote-forking"><i class="icon-question-sign"></i> Help on remote forking</a></li>
     </ul>
    </div>
diff --git a/src/phorkie/HtmlHelper.php b/src/phorkie/HtmlHelper.php
index ca5f989..c3336c3 100644
--- a/src/phorkie/HtmlHelper.php
+++ b/src/phorkie/HtmlHelper.php
@@ -49,6 +49,28 @@ class HtmlHelper
     {
         return Tools::fullUrl($path);
     }
+
+    public function mayWriteLocally()
+    {
+        if ($GLOBALS['phorkie']['auth']['securityLevel'] == 0) {
+            //everyone may do everything
+            return true;
+        }
+
+        $logged_in = false;
+        if (!isset($_SESSION['identity'])) {
+            //not logged in
+        } else if ($GLOBALS['phorkie']['auth']['listedUsersOnly']) {
+            if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])) {
+                $logged_in = true;
+            }
+        } else {
+            //session identity exists, no special checks required
+            $logged_in = true;
+        }
+
+        return $logged_in;
+    }
 }
 
 ?>
-- 
cgit v1.2.3