From fa75a38a3df5d495923b7044e8cc65d2482d7d3e Mon Sep 17 00:00:00 2001
From: Nic Waller
Date: Sat, 1 Jun 2013 05:33:43 +0000
Subject: [PATCH] Converted TODO lines into GitHub issues
---
authmgr/plugin.php | 24 +-----------------------
1 file changed, 1 insertion(+), 23 deletions(-)
diff --git a/authmgr/plugin.php b/authmgr/plugin.php
index b62dc9e..9353db2 100644
--- a/authmgr/plugin.php
+++ b/authmgr/plugin.php
@@ -58,8 +58,6 @@ yourls_add_action( 'admin_init', 'authmgr_intercept_admin' ); * to add a unique hook for each action, but unfortunately we need to * hook the admin page load itself, and try to figure out what action * is intended. - * - * TODO: Maybe YOURLS could be improved with more detailed action hooks. */ function authmgr_intercept_admin() { authmgr_require_capability( AuthmgrCapability::ShowAdmin );
@@ -126,8 +124,6 @@ function authmgr_html_append_roles( $original ) { */ function authmgr_require_capability( $capability ) { if ( !authmgr_have_capability( $capability ) ) { - // TODO: display a much nicer error page - //die('Sorry, you are not authorized for the action: '.$capability); yourls_redirect( yourls_admin_url( '?access=denied' ), 302 ); die(); }
@@ -150,7 +146,6 @@ function authmgr_enumerate_current_capabilities() { } function authmgr_enumerate_all_capabilities() { - // TODO: generalize this, instead of just repeating the total declaration return array( AuthmgrCapability::ShowAdmin, AuthmgrCapability::AddURL,
@@ -169,10 +164,6 @@ function authmgr_enumerate_all_capabilities() { * is permitted in the current context. Any function in the filter * chain can change the response, but well-behaved functions will * only change 'false' to 'true', never the other way around. - * - * TODO: how to convey context when we later implement "ownership" on - * URL rows? maybe send an array that includes capabilitity - * and other context variables. */ function authmgr_have_capability( $capability ) { return yourls_apply_filter( AUTHMGR_ALLOW, false, $capability);
@@ -201,10 +192,6 @@ function authmgr_check_anon_capability( $original, $capability ) { /* * What capabilities are available through role assignments to the active user? - * - * TODO: maybe pre-calculate an access token for the current user with all - * of the permitted capabilities. Then this function would simply - * check the contents of the access token. */ yourls_add_filter( AUTHMGR_ALLOW, 'authmgr_check_user_capability', 10 ); function authmgr_check_user_capability( $original, $capability ) {
@@ -270,22 +257,14 @@ function authmgr_check_apiuser_capability( $original, $capability ) { // In API mode and not using user/path authn? Let it go. if ( yourls_is_API() && !isset($_REQUEST['username']) ) return true; - // TODO: add controls for actions, like - // shorturl, stats, db-stats, url-stats, expand return $original; } /******************** ROLE TEST AND ENUMERATION ***********************/ -/* - * TODO: consider moving roles into a database table, and manipulate with web GUI - * TODO: consider allowing other plugins to contribute capabilities with a filter chain - */ - /* * Determine whether a specific user has a role. - * TODO: don't use filter chains for role enumeration. that's silly. */ function authmgr_user_has_role( $username, $rolename ) { return yourls_apply_filter( AUTHMGR_HASROLE, false, $username, $rolename );
@@ -331,7 +310,7 @@ function authmgr_environment_check() { if ( !isset( $authmgr_anon_capabilities) ) { $authmgr_anon_capabilities = array( AuthmgrCapability::API, - AuthmgrCapability::ShowAdmin,//TODO: hack! how to allow logon page? + AuthmgrCapability::ShowAdmin, ); }
@@ -373,7 +352,6 @@ function authmgr_environment_check() { // convert role assignment table to lower case if it hasn't been done already // this makes searches much easier! - // TODO: avoid doing this every time we validate $authmgr_role_assignment_lower = array(); foreach ( $authmgr_role_assignment as $key => $value ) { $t_key = strtolower( $key );
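Review bot: In the `@@ -331,7` hunk, `AuthmgrCapability::ShowAdmin` stays in the default `$authmgr_anon_capabilities`, but with the `//TODO: hack!` trailer gone nothing in the file says why anonymous visitors hold the capability that `authmgr_intercept_admin()` checks first, or that the grant was meant as a stopgap. I would keep the rationale and point at the tracking issue: `AuthmgrCapability::ShowAdmin, // anonymous needs this for the logon page to load; see issue #<ISSUE_NUMBER>`. The `@@ -270,22` hunk has the same gap: in the visible tail of `authmgr_check_apiuser_capability()` the `return true;` branch does not look at `$capability` when an API request carries no `username`, and the deleted TODO was the only marker that per-action controls are missing, so a line such as `// allows every capability on this path; per-action API controls: issue #<ISSUE_NUMBER>` is worth leaving there. Both functions start outside their hunks, so this is read from the visible lines only.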