mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-13 07:54:25 +02:00
Code Issues Releases Wiki Activity

Remove sudo mode and add password confirmation when changing email address

Browse Source 
closes #674
This commit is contained in:
Toby Zerner
2016-03-11 12:44:18 +10:30
parent dc757fae5f
commit e37c7a9b06
19 changed files with 80 additions and 477 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/Core/Access/AssertPermissionTrait.php
View File

@@ -10,11 +10,9 @@
namespace Flarum\Core\Access;
use DateTime;
use Flarum\Api\Exception\InvalidAccessTokenException;
use Flarum\Core\Exception\PermissionDeniedException;
use Flarum\Core\User;
use Psr\Http\Message\ServerRequestInterface;
trait AssertPermissionTrait
{
@@ -66,28 +64,4 @@ trait AssertPermissionTrait
{
$this->assertCan($actor, 'administrate');
}
/**
* @param ServerRequestInterface $request
* @throws InvalidAccessTokenException
*/
protected function assertSudo(ServerRequestInterface $request)
{
$session = $request->getAttribute('session');
if ($session && $session->get('sudo_expiry') < new DateTime) {
throw new InvalidAccessTokenException;
}
}
/**
* @param ServerRequestInterface $request
* @throws PermissionDeniedException
*/
protected function assertAdminAndSudo(ServerRequestInterface $request)
{
$this->assertAdmin($request->getAttribute('actor'));
$this->assertSudo($request);
}
}