From d570d510924be41e1e5f0329d04a0a4dede0f530 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?= <roland@mxchange.org>
Date: Tue, 14 Dec 2010 07:07:05 +0000
Subject: [PATCH] isAdminAllowedAccessMenu() introduced (cache is currently not
 required but it can be done very easily)

---
 DOCS/TODOs.txt                  |  7 +++---
 inc/modules/admin/admin-inc.php | 40 ++++++++++++++++-----------------
 2 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/DOCS/TODOs.txt b/DOCS/TODOs.txt
index f293a25ce3..6bb20a927b 100644
--- a/DOCS/TODOs.txt
+++ b/DOCS/TODOs.txt
@@ -96,10 +96,9 @@
 ./inc/module-functions.php:267:			// @TODO Nothing helped???
 ./inc/module-functions.php:308:			// @TODO Rewrite this to a filter
 ./inc/modules/admin/admin-inc.php:170:		// @TODO This and the next getCurrentAdminId() call might be moved into the templates?
-./inc/modules/admin/admin-inc.php:259:		// @TODO Rewrite this to $content = SQL_FETCHARRAY()
-./inc/modules/admin/admin-inc.php:264:				// @TODO ACL is 'allow'... hmmm
-./inc/modules/admin/admin-inc.php:330:					// @TODO Rewrite this to $content = SQL_FETCHARRAY()
-./inc/modules/admin/admin-inc.php:336:							// @TODO ACL is 'allow'... hmmm
+./inc/modules/admin/admin-inc.php:241:		// @TODO This can be rewritten into a filter
+./inc/modules/admin/admin-inc.php:273:		// @TODO Rewrite this to $content = SQL_FETCHARRAY()
+./inc/modules/admin/admin-inc.php:338:					// @TODO Rewrite this to $content = SQL_FETCHARRAY()
 ./inc/modules/admin/admin-inc.php:436:// @TODO Try to rewrite this to adminAddMenuSelectionBox()
 ./inc/modules/admin/overview-inc.php:162:				// @TODO Rewrite this to a filter
 ./inc/modules/admin/overview-inc.php:275:				// @TODO Rewrite this to something with include files and/or filter
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index bce95acae4..0bc05eba30 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -232,8 +232,22 @@ LIMIT 1",
 	loadTemplate('admin_main_footer', false, $content);
 }
 
+// Checks wether current admin is allowed to access given action/what combination
+// (only one is allowed to be null!)
+function isAdminAllowedAccessMenu ($action, $what = null) {
+	// Do we have cache?
+	if (!isset($GLOBALS[__FUNCTION__][$action][$what])) {
+		// ACL is always 'allow' when no ext-admins is installed
+		// @TODO This can be rewritten into a filter
+		$GLOBALS[__FUNCTION__][$action][$what] = ((!isExtensionInstalledAndNewer('admins', '0.2.0')) || (adminsCheckAdminAcl($action, $what)));
+	} // END - if
+
+	// Return the cached value
+	return $GLOBALS[__FUNCTION__][$action][$what];
+}
+
 // Adds an admin menu
-function addAdminMenu ($action, $what, $return=false) {
+function addAdminMenu ($action, $what, $return = false) {
 	// Init variables
 	$SUB = false;
 	$OUT = '';
@@ -258,25 +272,19 @@ ORDER BY
 		$OUT .= '<ul class="admin_menu_main">';
 		// @TODO Rewrite this to $content = SQL_FETCHARRAY()
 		while (list($menu, $title, $descr) = SQL_FETCHROW($result_main)) {
-			if (isExtensionInstalledAndNewer('admins', '0.2.0')) {
-				$ACL = adminsCheckAdminAcl($menu, '');
-			} else {
-				// @TODO ACL is 'allow'... hmmm
-				$ACL = true;
-			}
-
 			// Filename
 			$inc = sprintf("inc/modules/admin/action-%s.php", $menu);
 
 			// Is the file readable?
 			$readable = isIncludeReadable($inc);
 
-			if ($ACL === true) {
+			// Is the current admin allowed to access this 'action' menu?
+			if (isAdminAllowedAccessMenu($menu)) {
 				if ($SUB === false) {
 					// Insert compiled menu title and description
 					$GLOBALS['menu']['title'][$menu]      = $title;
 					$GLOBALS['menu']['description'][$menu] = $descr;
-				}
+				} // END - if
 				$OUT .= '<li class="admin_menu">
 <div class="nobr"><strong>&middot;</strong>&nbsp;';
 
@@ -329,22 +337,14 @@ ORDER BY
 					$OUT .= '<li class="admin_menu_sub"><ul class="admin_menu_sub">';
 					// @TODO Rewrite this to $content = SQL_FETCHARRAY()
 					while (list($what_sub, $title_what, $desc_what) = SQL_FETCHROW($result_what)) {
-						// Check for access level
-						if (isExtensionInstalledAndNewer('admins', '0.2.0')) {
-							$ACL = adminsCheckAdminAcl('', $what_sub);
-						} else {
-							// @TODO ACL is 'allow'... hmmm
-							$ACL = true;
-						}
-
 						// Filename
 						$inc = sprintf("inc/modules/admin/what-%s.php", $what_sub);
 
 						// Is the file readable?
 						$readable = isIncludeReadable($inc);
 
-						// Access allowed?
-						if ($ACL === true) {
+						// Is the current admin allowed to access this 'what' menu?
+						if (isAdminAllowedAccessMenu(null, $what_sub)) {
 							// Insert compiled title and description
 							$GLOBALS['menu']['title'][$what_sub]      = $title_what;
 							$GLOBALS['menu']['description'][$what_sub] = $desc_what;
-- 
2.30.2