From 35c9ff0b6526928c7a4394495bb4c679407ea1ec Mon Sep 17 00:00:00 2001
From: icewing <icewing@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Wed, 11 Jun 2008 12:21:17 +0000
Subject: Marcus Povey <marcus@dushka.co.uk> * actions with admin only support

git-svn-id: https://code.elgg.org/elgg/trunk@864 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/actions.php | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

(limited to 'engine/lib/actions.php')

diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 07b52933d..682e13b55 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -48,15 +48,20 @@
                 $forwarder = substr($forwarder,1);
             }
             
-            if (isset($CONFIG->actions[$action])) {
-                if ($CONFIG->actions[$action]['public'] || $_SESSION['id'] != -1) {
-	                if (@include($CONFIG->actions[$action]['file'])) {
+            if (isset($CONFIG->actions[$action])) {
+            	if (
+            		(isadminloggedin()) ||
+            		(!$CONFIG->actions[$action]['admin'])
+            	) {
+	                if ($CONFIG->actions[$action]['public'] || $_SESSION['id'] != -1) {
+		                if (@include($CONFIG->actions[$action]['file'])) {
+		                } else {
+		                    register_error(sprintf(elgg_echo('actionundefined'),$action));
+		                }
 	                } else {
-	                    register_error(sprintf(elgg_echo('actionundefined'),$action));
-	                }
-                } else {
-                    register_error(elgg_echo('actionloggedout'));
-                }
+	                    register_error(elgg_echo('actionloggedout'));
+	                }
+            	}
             } else {
             	register_error(sprintf(elgg_echo('actionundefined'),$action));
             }
@@ -69,10 +74,11 @@
 	 *
 	 * @param string $action The name of the action (eg "register", "account/settings/save")
 	 * @param boolean $public Can this action be accessed by people not logged into the system?
-	 * @param string $filename Optionally, the filename where this action is located
+	 * @param string $filename Optionally, the filename where this action is located
+	 * @param boolean $admin_only Whether this action is only available to admin users.
 	 */
         
-        function register_action($action, $public = false, $filename = "") {
+        function register_action($action, $public = false, $filename = "", $admin_only = false) {
             global $CONFIG;            
             
             if (!isset($CONFIG->actions)) {
@@ -86,7 +92,7 @@
                 $filename = $path . "actions/" . $action . ".php";
             }
             
-            $CONFIG->actions[$action] = array('file' => $filename, 'public' => $public);
+            $CONFIG->actions[$action] = array('file' => $filename, 'public' => $public, 'admin' => $admin_only);
             return true;
         }
 
-- 
cgit v1.2.3