From 7134dfe52977665aadbd817f85f1f751c3738c04 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Thu, 5 Oct 2017 00:34:11 +0200
Subject: [PATCH] login: derive user permissions from .admin file

Replaces site-specific name exceptions.
---
 auth.inc.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/auth.inc.php b/auth.inc.php
index ef80ecd..b20331a 100644
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -7,7 +7,8 @@ function login($inuser, $inpass = NULL)
 	}
 
 	# find password data by user name
-	$pwfile = sprintf('login/%s/.passwd', strtolower($inuser));
+	$userdir = 'login/'.strtolower($inuser);
+	$pwfile = "$userdir/.passwd";
 	if (!file_exists($pwfile)) return;
 	$usertest = trim(file_get_contents($pwfile));
 	if (!$usertest) return;
@@ -25,7 +26,7 @@ function login($inuser, $inpass = NULL)
 
 	return [
 		'name'  => $inuser,
-		'admin' => !empty($inuser) && strtolower($inuser) != 'lid',
+		'admin' => file_exists("$userdir/.admin"),
 		'auth'  => "$inuser:$authhash",
 	];
 }
-- 
2.30.0