diff --git a/source/packages/com_mokosuitebackup/api/src/Controller/SnapshotsController.php b/source/packages/com_mokosuitebackup/api/src/Controller/SnapshotsController.php index 92c3eb5..0d77d96 100644 --- a/source/packages/com_mokosuitebackup/api/src/Controller/SnapshotsController.php +++ b/source/packages/com_mokosuitebackup/api/src/Controller/SnapshotsController.php @@ -36,7 +36,7 @@ class SnapshotsController extends ApiController */ public function displayList(): static { - if (!$this->app->getIdentity()->authorise('core.manage', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.snapshot.manage', 'com_mokosuitebackup')) { $this->app->setHeader('status', 403); echo json_encode(['errors' => [['title' => 'Access denied']]]); $this->app->close(); @@ -250,7 +250,7 @@ class SnapshotsController extends ApiController */ public function download(): static { - if (!$this->app->getIdentity()->authorise('core.manage', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.snapshot.manage', 'com_mokosuitebackup')) { $this->app->setHeader('status', 403); echo json_encode(['errors' => [['title' => 'Access denied']]]); $this->app->close(); diff --git a/source/packages/com_mokosuitebackup/src/Controller/AjaxController.php b/source/packages/com_mokosuitebackup/src/Controller/AjaxController.php index fb38651..191dc50 100644 --- a/source/packages/com_mokosuitebackup/src/Controller/AjaxController.php +++ b/source/packages/com_mokosuitebackup/src/Controller/AjaxController.php @@ -348,7 +348,7 @@ class AjaxController extends BaseController return; } - if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.run', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.restore', 'com_mokosuitebackup')) { $this->sendJson(['error' => true, 'message' => 'Access denied'], 403); return; @@ -384,7 +384,7 @@ class AjaxController extends BaseController return; } - if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.run', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.restore', 'com_mokosuitebackup')) { $this->sendJson(['error' => true, 'message' => 'Access denied'], 403); return; @@ -416,7 +416,7 @@ class AjaxController extends BaseController return; } - if (!$this->app->getIdentity()->authorise('core.manage', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.browse', 'com_mokosuitebackup')) { $this->sendJson(['error' => true, 'message' => 'Access denied'], 403); return; @@ -725,7 +725,7 @@ class AjaxController extends BaseController return; } - if (!$this->app->getIdentity()->authorise('core.delete', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.purge', 'com_mokosuitebackup')) { $this->sendJson(['error' => true, 'message' => 'Access denied'], 403); return; @@ -776,7 +776,7 @@ class AjaxController extends BaseController return; } - if (!$this->app->getIdentity()->authorise('core.manage', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.compare', 'com_mokosuitebackup')) { $this->sendJson(['error' => true, 'message' => 'Access denied'], 403); return; diff --git a/source/packages/com_mokosuitebackup/src/Controller/BackupsController.php b/source/packages/com_mokosuitebackup/src/Controller/BackupsController.php index 205dcd3..1f09d49 100644 --- a/source/packages/com_mokosuitebackup/src/Controller/BackupsController.php +++ b/source/packages/com_mokosuitebackup/src/Controller/BackupsController.php @@ -176,7 +176,7 @@ class BackupsController extends AdminController { $this->checkToken(); - if (!$this->app->getIdentity()->authorise('core.delete', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.backup.purge', 'com_mokosuitebackup')) { $this->setMessage(Text::_('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 'error'); $this->setRedirect(Route::_('index.php?option=com_mokosuitebackup&view=backups', false)); diff --git a/source/packages/com_mokosuitebackup/src/Controller/SnapshotsController.php b/source/packages/com_mokosuitebackup/src/Controller/SnapshotsController.php index 057b30e..f72ff53 100644 --- a/source/packages/com_mokosuitebackup/src/Controller/SnapshotsController.php +++ b/source/packages/com_mokosuitebackup/src/Controller/SnapshotsController.php @@ -259,7 +259,7 @@ class SnapshotsController extends AdminController { $this->checkToken(); - if (!$this->app->getIdentity()->authorise('core.delete', 'com_mokosuitebackup')) { + if (!$this->app->getIdentity()->authorise('mokosuitebackup.snapshot.manage', 'com_mokosuitebackup')) { $this->setMessage(Text::_('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 'error'); $this->setRedirect(Route::_('index.php?option=com_mokosuitebackup&view=snapshots', false)); diff --git a/source/packages/com_mokosuitebackup/src/View/Backups/HtmlView.php b/source/packages/com_mokosuitebackup/src/View/Backups/HtmlView.php index 1e69cb7..2ac116a 100644 --- a/source/packages/com_mokosuitebackup/src/View/Backups/HtmlView.php +++ b/source/packages/com_mokosuitebackup/src/View/Backups/HtmlView.php @@ -120,14 +120,19 @@ class HtmlView extends BaseHtmlView ToolbarHelper::custom('backups.restore', 'upload', '', 'COM_MOKOJOOMBACKUP_TOOLBAR_RESTORE', true); } - ToolbarHelper::custom('backups.verify', 'shield', '', 'COM_MOKOJOOMBACKUP_TOOLBAR_VERIFY', true); - if ($user->authorise('core.manage', 'com_mokosuitebackup')) { + ToolbarHelper::custom('backups.verify', 'shield', '', 'COM_MOKOJOOMBACKUP_TOOLBAR_VERIFY', true); + } + + if ($user->authorise('mokosuitebackup.backup.compare', 'com_mokosuitebackup')) { ToolbarHelper::custom('backups.compare', 'copy', '', 'COM_MOKOJOOMBACKUP_TOOLBAR_COMPARE', true); } if ($user->authorise('core.delete', 'com_mokosuitebackup')) { ToolbarHelper::deleteList('JGLOBAL_CONFIRM_DELETE', 'backups.delete'); + } + + if ($user->authorise('mokosuitebackup.backup.purge', 'com_mokosuitebackup')) { ToolbarHelper::custom('backups.purgeModal', 'trash', '', 'COM_MOKOJOOMBACKUP_TOOLBAR_PURGE', false); }