[UPDATE] ACL Management

* [ADDED] Smarty acl_check function * [ADDED] Optional default return value for getValue calls * [UPDATE] ACL Checks in page controllers * [UPDATE] Navigation template to use check_acl from Smarty * [ADDED] New ACL options where needed * [REMOVED] Disable pages from System Settings Tab * [ADDED] Above removed pages into ACL Settings Tab This will make usage of ACLs a bit easier and transparent. Also fixes #1731 once merged.
2014-02-12 10:08:41 +01:00 · 2014-02-12 10:08:41 +01:00 · d7f2e6e5ac
commit d7f2e6e5ac
parent f43a5214c4
17 changed files with 179 additions and 131 deletions
--- a/public/include/classes/setting.class.php
+++ b/public/include/classes/setting.class.php
@ -9,14 +9,18 @@ class Setting extends Base {
   * @param name string Setting name
   * @return value string Value
   **/
-  public function getValue($name) {
+  public function getValue($name, $default="") {
    $stmt = $this->mysqli->prepare("SELECT value FROM $this->table WHERE name = ? LIMIT 1");
-    if ($this->checkStmt($stmt) && $stmt->bind_param('s', $name) && $stmt->execute() && $result = $stmt->get_result())
-      if ($result->num_rows > 0)
+    if ($this->checkStmt($stmt) && $stmt->bind_param('s', $name) && $stmt->execute() && $result = $stmt->get_result()) {
+      if ($result->num_rows > 0) {
        return $result->fetch_object()->value;
+      } else {
+        return $default;
+      }
+    }
    // Log error but return empty string
    $this->sqlError();
-    return "";
+    return $default;
  }

  /**
--- a/public/include/config/admin_settings.inc.php
+++ b/public/include/config/admin_settings.inc.php
@ -189,39 +189,60 @@ $aSettings['acl'][] = array(
 );
 $aSettings['acl'][] = array(
  'display' => 'Pool Statistics', 'type' => 'select',
-  'options' => array( 0 => 'Private', 1 => 'Public'),
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
  'default' => 1,
  'name' => 'acl_pool_statistics', 'value' => $setting->getValue('acl_pool_statistics'),
  'tooltip' => 'Make the pool statistics page private (users only) or public.'
 );
 $aSettings['acl'][] = array(
  'display' => 'Block Statistics', 'type' => 'select',
-  'options' => array( 0 => 'Private', 1 => 'Public'),
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
  'default' => 1,
  'name' => 'acl_block_statistics', 'value' => $setting->getValue('acl_block_statistics'),
  'tooltip' => 'Make the block statistics page private (users only) or public.'
 );
 $aSettings['acl'][] = array(
  'display' => 'Round Statistics', 'type' => 'select',
-  'options' => array( 0 => 'Private', 1 => 'Public'),
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
  'default' => 1,
  'name' => 'acl_round_statistics', 'value' => $setting->getValue('acl_round_statistics'),
  'tooltip' => 'Make the round statistics page private (users only) or public.'
 );
 $aSettings['acl'][] = array(
  'display' => 'Block Finder Statistics', 'type' => 'select',
-  'options' => array( 0 => 'Private', 1 => 'Public'),
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
  'default' => 1,
  'name' => 'acl_blockfinder_statistics', 'value' => $setting->getValue('acl_blockfinder_statistics'),
  'tooltip' => 'Make the Block Finder Statistics page private (users only) or public.'
 );
 $aSettings['acl'][] = array(
  'display' => 'Uptime Statistics', 'type' => 'select',
-  'options' => array( 0 => 'Private', 1 => 'Public'),
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
  'default' => 1,
  'name' => 'acl_uptime_statistics', 'value' => $setting->getValue('acl_uptime_statistics'),
  'tooltip' => 'Make the uptime statistics page private (users only) or public.'
 );
+$aSettings['acl'][] = array(
+  'display' => 'Donors Page', 'type' => 'select',
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
+  'default' => 1,
+  'name' => 'acl_donors_page', 'value' => $setting->getValue('acl_donors_page'),
+  'tooltip' => 'Make the donors page private (users only) or public.'
+);
+$aSettings['acl'][] = array(
+  'display' => 'About Page', 'type' => 'select',
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
+  'default' => 1,
+  'name' => 'acl_about_page', 'value' => $setting->getValue('acl_about_page'),
+  'tooltip' => 'Make the about page private (users only) or public.'
+);
+$aSettings['acl'][] = array(
+  'display' => 'Contactform', 'type' => 'select',
+  'options' => array( 0 => 'Private', 1 => 'Public', 2 => 'Disabled' ),
+  'default' => 1,
+  'name' => 'acl_contactform', 'value' => $setting->getValue('acl_contactform'),
+  'tooltip' => 'Make the contactform private (users only) or public.'
+);
 $aSettings['system'][] = array(
  'display' => 'E-mail address for system error notifications', 'type' => 'text',
  'size' => 25,
@ -278,34 +299,6 @@ $aSettings['system'][] = array(
  'name' => 'disable_api', 'value' => $setting->getValue('disable_api'),
  'tooltip' => 'Enable or Disable the pool wide API functions. See API reference on Github for details.'
 );
-$aSettings['system'][] = array(
-  'display' => 'Disable Contactform', 'type' => 'select',
-  'options' => array( 0 => 'No', 1 => 'Yes' ),
-  'default' => 0,
-  'name' => 'disable_contactform', 'value' => $setting->getValue('disable_contactform'),
-  'tooltip' => 'Enable or Disable Contactform. Users will not be able to use the contact form.'
-);
-$aSettings['system'][] = array(
-  'display' => 'Disable Contactform for Guests', 'type' => 'select',
-  'options' => array( 0 => 'No', 1 => 'Yes' ),
-  'default' => 0,
-  'name' => 'disable_contactform_guest', 'value' => $setting->getValue('disable_contactform_guest'),
-  'tooltip' => 'Enable or Disable Contactform for guests. Guests will not be able to use the contact form.'
-);
-$aSettings['system'][] = array(
-  'display' => 'Disable Donors Page', 'type' => 'select',
-  'options' => array( 0 => 'No', 1 => 'Yes'),
-  'default' => 1,
-  'name' => 'disable_donors', 'value' => $setting->getValue('disable_donors'),
-  'tooltip' => 'Showing Donors page in Navigation.'
-);
-$aSettings['system'][] = array(
-  'display' => 'Disable About Page', 'type' => 'select',
-  'options' => array( 0 => 'No', 1 => 'Yes'),
-  'default' => 1,
-  'name' => 'disable_about', 'value' => $setting->getValue('disable_about'),
-  'tooltip' => 'Showing About page in Navigation.'
-);
 $aSettings['system'][] = array(
  'display' => 'Disable Live Dashboard', 'type' => 'select',
  'options' => array( 0 => 'No', 1 => 'Yes'),
--- a/public/include/lib/smarty_plugins/function.acl.php
+++ b/public/include/lib/smarty_plugins/function.acl.php
@ -0,0 +1,29 @@
+<?php
+$smarty->registerPlugin("function","acl_check", "check_acl_access");
+
+function check_acl_access($params, $smarty)
+{
+  $isAuthenticated = isset($_SESSION['AUTHENTICATED']) ? true : false;
+  $iAclSetting = $params['acl'];
+  $sUrl = '<li class="'.$params['icon'].'"><a href="'.$_SERVER['SCRIPT_NAME'].'?page='.$params['page'].'&action='.$params['action'].'">'.$params['name'].'</a></li>';
+  if (isset($params['fallback']))
+    $sFallbackUrl = '<li class="'.$params['icon'].'"><a href="'.$_SERVER['SCRIPT_NAME'].'?page='.$params['page'].'">'.$params['name'].'</a></li>';
+  switch($iAclSetting) {
+  case '0':
+    if ($isAuthenticated) {
+      echo $sUrl;
+    } else if (isset($params['fallback']) && !$isAuthenticated) {
+      echo $sFallbackUrl;
+    }
+    break;
+  case '1':
+      echo $sUrl;
+    break;
+  case '2':
+    break;
+  default:
+    echo $sUrl;
+    break;
+  }
+}
+?>
--- a/public/include/pages/about/donors.inc.php
+++ b/public/include/pages/about/donors.inc.php
@ -1,15 +1,22 @@
 <?php
 $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;

-if ($setting->getValue('disable_donors')) {
-  $_SESSION['POPUP'][] = array('CONTENT' => 'Donors are currently disabled. Please try again later.', 'TYPE' => 'errormsg');
-  $smarty->assign("CONTENT", "disabled.tpl");
-} else {
+// ACL check
+switch($setting->getValue('acl_donors_page', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $aDonors = $transaction->getDonations();
+    $smarty->assign("DONORS", $aDonors);
+    $smarty->assign("CONTENT", "default.tpl");
+  }
+  break;
+case '1':
  $aDonors = $transaction->getDonations();
-
-  // Tempalte specifics
  $smarty->assign("DONORS", $aDonors);
  $smarty->assign("CONTENT", "default.tpl");
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "disabled.tpl");
+  break;
 }
-
-?>
--- a/public/include/pages/about/pool.inc.php
+++ b/public/include/pages/about/pool.inc.php
@ -1,12 +1,18 @@
 <?php
 $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;

-if ($setting->getValue('disable_about')) {
-  $_SESSION['POPUP'][] = array('CONTENT' => 'Donors are currently disabled. Please try again later.', 'TYPE' => 'errormsg');
-  $smarty->assign("CONTENT", "disabled.tpl");
-} else {
-  // Tempalte specifics
+// ACL check
+switch($setting->getValue('acl_about_page', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $smarty->assign("CONTENT", "default.tpl");
+  }
+  break;
+case '1':
  $smarty->assign("CONTENT", "default.tpl");
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "disabled.tpl");
+  break;
 }
-
-?>
--- a/public/include/pages/contactform.inc.php
+++ b/public/include/pages/contactform.inc.php
@ -1,10 +1,10 @@
 <?php
 $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;

-if ($setting->getValue('disable_contactform')) {
+if ($setting->getValue('acl_contactform') == 2) {
  $_SESSION['POPUP'][] = array('CONTENT' => 'Contactform is currently disabled. Please try again later.', 'TYPE' => 'errormsg');
  $smarty->assign("CONTENT", "empty");
-} else if ($setting->getValue('disable_contactform_guest') && !$user->isAuthenticated(false)) {
+} else if ($setting->getValue('acl_contactform') == 0 && !$user->isAuthenticated(false)) {
  $_SESSION['POPUP'][] = array('CONTENT' => 'Contactform is disabled for guests.', 'TYPE' => 'errormsg');
  $smarty->assign("CONTENT", "disabled.tpl");
 } else {
--- a/public/include/pages/contactform/contactform.inc.php
+++ b/public/include/pages/contactform/contactform.inc.php
@ -2,7 +2,7 @@
 $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1;

 // ReCaptcha handling if enabled
-if ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_enabled_contactform')) {
+if ($setting->getValue('recaptcha_enabled') && $setting->getValue('acl_contactform') != 2) {
  require_once(INCLUDE_DIR . '/lib/recaptchalib.php');
  // Load re-captcha specific data
  $rsp = recaptcha_check_answer (
@ -15,9 +15,9 @@ if ($setting->getValue('recaptcha_enabled') && $setting->getValue('recaptcha_ena
  if (!$rsp->is_valid) $_SESSION['POPUP'][] = array('CONTENT' => 'Invalid Captcha, please try again.', 'TYPE' => 'errormsg');
 }

-if ($setting->getValue('disable_contactform')) {
+if ($setting->getValue('acl_contactform') == 2) {
  $_SESSION['POPUP'][] = array('CONTENT' => 'Contactform is currently disabled. Please try again later.', 'TYPE' => 'errormsg');
-} else if ($setting->getValue('disable_contactform') && !$user->isAuthenticated(false)) {
+} else if ($setting->getValue('acl_contactform') == 0 && !$user->isAuthenticated(false)) {
  $_SESSION['POPUP'][] = array('CONTENT' => 'Contactform is disabled for guests.', 'TYPE' => 'errormsg');
 } else {
  // Check if recaptcha is enabled, process form data if valid
--- a/public/include/pages/statistics/blockfinder.inc.php
+++ b/public/include/pages/statistics/blockfinder.inc.php
@ -6,22 +6,26 @@ if (!$smarty->isCached('master.tpl', $smarty_cache_key)) {
  $debug->append('No cached version available, fetching from backend', 3);
  $getBlocksSolvedbyAccount = $statistics->getBlocksSolvedbyAccount();
  $smarty->assign("BLOCKSSOLVEDBYACCOUNT", $getBlocksSolvedbyAccount);
-  
+
  if(isset($_SESSION['USERDATA']['id'])){
    $getBlocksSolvedbyWorker = $statistics->getBlocksSolvedbyWorker($_SESSION['USERDATA']['id']);
    $smarty->assign("BLOCKSSOLVEDBYWORKER", $getBlocksSolvedbyWorker);
  }
-
 } else {
  $debug->append('Using cached page', 3);
 }

-// Public / private page detection
-if ($setting->getValue('acl_blockfinder_statistics')) {
-  $smarty->assign("CONTENT", "finder.tpl");
-} else if ($user->isAuthenticated()) {
-  $smarty->assign("CONTENT", "finder.tpl");
-} else {
+switch($setting->getValue('acl_blockfinder_statistics', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $smarty->assign("CONTENT", "default.tpl");
+  }
+  break;
+case '1':
  $smarty->assign("CONTENT", "default.tpl");
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "");
+  break;
 }
-?>
--- a/public/include/pages/statistics/blocks.inc.php
+++ b/public/include/pages/statistics/blocks.inc.php
@ -88,9 +88,17 @@ if (!$smarty->isCached('master.tpl', $smarty_cache_key)) {
  $debug->append('Using cached page', 3);
 }

-if ($setting->getValue('acl_block_statistics')) {
-  $smarty->assign("CONTENT", "default.tpl");
-} else if ($user->isAuthenticated()) {
+switch($setting->getValue('acl_block_statistics', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $smarty->assign("CONTENT", "default.tpl");
+  }
+  break;
+case '1':
  $smarty->assign("CONTENT", "default.tpl");
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "");
+  break;
 }
-?>
--- a/public/include/pages/statistics/pool.inc.php
+++ b/public/include/pages/statistics/pool.inc.php
@ -81,12 +81,17 @@ if (!$smarty->isCached('master.tpl', $smarty_cache_key)) {
  $debug->append('Using cached page', 3);
 }

-// Public / private page detection
-if ($setting->getValue('acl_pool_statistics')) {
+switch($setting->getValue('acl_pool_statistics', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $smarty->assign("CONTENT", "default.tpl");
+  }
+  break;
+case '1':
  $smarty->assign("CONTENT", "default.tpl");
-} else if ($user->isAuthenticated() && ! $setting->getValue('acl_pool_statistics')) {
-  $smarty->assign("CONTENT", "default.tpl");
-} else {
-  $smarty->assign("CONTENT", "../default.tpl");
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "");
+  break;
 }
-?>
--- a/public/include/pages/statistics/round.inc.php
+++ b/public/include/pages/statistics/round.inc.php
@ -48,11 +48,17 @@ if (!$smarty->isCached('master.tpl', $smarty_cache_key)) {
  $debug->append('Using cached page', 3);
 }

-if ($setting->getValue('acl_round_statistics')) {
+switch($setting->getValue('acl_round_statistics', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $smarty->assign("CONTENT", "default.tpl");
+  }
+  break;
+case '1':
  $smarty->assign("CONTENT", "default.tpl");
-} else if ($user->isAuthenticated(false)) {
-  $smarty->assign("CONTENT", "default.tpl");
-} else {
-  $smarty->assign("CONTENT", "empty");
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "");
+  break;
 }
-?>
--- a/public/include/pages/statistics/uptime.inc.php
+++ b/public/include/pages/statistics/uptime.inc.php
@ -13,13 +13,26 @@ if (!$smarty->isCached('master.tpl', $smarty_cache_key)) {
      8 => 'Down',
      9 => 'Down'
    ));
-    $smarty->assign("CONTENT", "default.tpl");
+    $content = 'default.tpl';
  } else {
    $_SESSION['POPUP'][] = array('CONTENT' => 'UptimeRobot API Key not configured.', 'TYPE' => 'info');
-    $smarty->assign("CONTENT", "");
+    $content = '';
  }
 } else {
  $debug->append('Using cached page', 3);
 }

-?>
+switch($setting->getValue('acl_uptime_statistics', 1)) {
+case '0':
+  if ($user->isAuthenticated()) {
+    $smarty->assign("CONTENT", $content);
+  }
+  break;
+case '1':
+  $smarty->assign("CONTENT", $content);
+  break;
+case '2':
+  $_SESSION['POPUP'][] = array('CONTENT' => 'Page currently disabled. Please try again later.', 'TYPE' => 'errormsg');
+  $smarty->assign("CONTENT", "");
+  break;
+}
--- a/public/include/smarty.inc.php
+++ b/public/include/smarty.inc.php
@ -170,4 +170,7 @@ if ($config['smarty']['cache']) {
  $smarty->escape_html = true;
  $smarty->use_sub_dirs = true;
 }
+
+// Load custom smarty plugins
+require_once(INCLUDE_DIR . '/lib/smarty_plugins/function.acl.php');
 ?>
--- a/public/include/smarty_globals.inc.php
+++ b/public/include/smarty_globals.inc.php
@ -120,6 +120,9 @@ $aGlobal['acl']['block']['statistics'] = $setting->getValue('acl_block_statistic
 $aGlobal['acl']['round']['statistics'] = $setting->getValue('acl_round_statistics');
 $aGlobal['acl']['blockfinder']['statistics'] = $setting->getValue('acl_blockfinder_statistics');
 $aGlobal['acl']['uptime']['statistics'] = $setting->getValue('acl_uptime_statistics');
+$aGlobal['acl']['donors']['page'] = $setting->getValue('acl_donors_page');
+$aGlobal['acl']['about']['page'] = $setting->getValue('acl_about_page');
+$aGlobal['acl']['contactform'] = $setting->getValue('acl_contactform');

 // We don't want these session infos cached
 if (@$_SESSION['USERDATA']['id']) {
--- a/public/templates/mpos/global/navigation.tpl
+++ b/public/templates/mpos/global/navigation.tpl
@ -28,63 +28,30 @@
      <li class="icon-pencil"><a href="{$smarty.server.SCRIPT_NAME}?page=admin&action=templates">Templates</a></li>
    </ul>
    {/if}
-    {if $smarty.session.AUTHENTICATED|default}
    <h3>Statistics</h3>
    <ul class="toggle">
-      <li class="icon-align-left"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=pool">Pool</a></li>
-      <li class="icon-th-large"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=blocks">Blocks</a></li>
-      <li class="icon-chart"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=graphs">Graphs</a></li>
-      <li class="icon-record"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=round">Round</a></li>
-      <li class="icon-search"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=blockfinder">Finder</a></li>
-      {if $GLOBAL.config.monitoring_uptimerobot_api_keys|default:"0"}<li class="icon-bell"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=uptime">Uptime</a></li>{/if}
+     {acl_check icon='icon-align-left' page='statistics' action='pool' name='Pool' acl=$GLOBAL.acl.pool.statistics fallback='page=statistics'}
+     {acl_check icon='icon-th-large' page='statistics' action='blocks' name='Blocks' acl=$GLOBAL.acl.block.statistics}
+     {acl_check icon='icon-chart' page='statistics' action='round' name='Round' acl=$GLOBAL.acl.round.statistics}
+     {acl_check icon='icon-search' page='statistics' action='blockfinder' name='Blockfinder' acl=$GLOBAL.acl.blockfinder.statistics}
+     {acl_check icon='icon-bell' page='statistics' action='uptime' name='Uptime' acl=$GLOBAL.acl.uptime.statistics}
    </ul>
-    {else}
-    <h3>Statistics</h3>
-    <ul class="toggle">
-     {if $GLOBAL.acl.pool.statistics}
-     <li class="icon-align-left"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=pool">Pool</a></li>
-     {else}
-     <li class="icon-align-left"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics">Statistics</a>
-     {/if}
-     {if $GLOBAL.acl.block.statistics}
-     <li class="icon-th-large"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=blocks">Blocks</a></li>
-     {/if}
-     {if $GLOBAL.acl.round.statistics}
-     <li class="icon-chart"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=round">Round</a></li>
-     {/if}
-     {if $GLOBAL.acl.blockfinder.statistics}
-     <li class="icon-search"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=blockfinder">Finder</a></li>
-     {/if}
-     {if $GLOBAL.acl.uptime.statistics}
-     {if $GLOBAL.config.monitoring_uptimerobot_api_keys|default:"0"}<li class="icon-bell"><a href="{$smarty.server.SCRIPT_NAME}?page=statistics&action=uptime">Uptime</a></li>{/if}
-     {/if}
-    </ul>
-    {/if}
    <h3>Help</h3>
    <ul class="toggle">
      <li class="icon-desktop"><a href="{$smarty.server.SCRIPT_NAME}?page=gettingstarted">Getting Started</a></li>
-      {if !$GLOBAL.website.about.disabled}
-      <li class="icon-doc"><a href="{$smarty.server.SCRIPT_NAME}?page=about&action=pool">About</a></li>
-      {/if}
-      {if !$GLOBAL.website.donors.disabled}
-      <li class="icon-money"><a href="{$smarty.server.SCRIPT_NAME}?page=about&action=donors">Donors</a></li>
-      {/if}
+      {acl_check icon='icon-doc' page='about' action='pool' name='About' acl=$GLOBAL.acl.about.page}
+      {acl_check icon='icon-money' page='about' action='donors' name='Donors' acl=$GLOBAL.acl.donors.page}
    </ul>
    <h3>Other</h3>
    <ul class="toggle">
      {if $smarty.session.AUTHENTICATED|default:"0" == 1}
-      {if $GLOBAL.config.disable_contactform|default:"0" != 1}
-      <li class="icon-mail"><a href="{$smarty.server.SCRIPT_NAME}?page=contactform">Contact</a></li>
-      {/if}
      <li class="icon-off"><a href="{$smarty.server.SCRIPT_NAME}?page=logout">Logout</a></li>
      {else}
      <li class="icon-login"><a href="{$smarty.server.SCRIPT_NAME}?page=login">Login</a></li>
      <li class="icon-pencil"><a href="{$smarty.server.SCRIPT_NAME}?page=register">Sign Up</a></li>
-      {if $GLOBAL.config.disable_contactform|default:"0" != 1}
-      <li class="icon-mail"><a href="{$smarty.server.SCRIPT_NAME}?page=contactform">Contact</a></li>
      {/if}
+      {acl_check icon='icon-mail' page='contactform' action='' name='Contact' acl=$GLOBAL.acl.contactform}
      <li class="icon-doc"><a href="{$smarty.server.SCRIPT_NAME}?page=tac">Terms and Conditions</a></li>
-      {/if}
    </ul>
    <ul>
      <hr/>
--- a/public/templates/mpos/statistics/blockfinder/default.tpl
+++ b/public/templates/mpos/statistics/blockfinder/default.tpl
@ -0,0 +1,4 @@
+{include file="statistics/blockfinder/finder_top.tpl"}
+{if $smarty.session.AUTHENTICATED|default}
+{include file="statistics/blockfinder/finder_own.tpl" ALIGN="right" SHORT=true}
+{/if}
--- a/public/templates/mpos/statistics/blockfinder/finder.tpl
+++ b/public/templates/mpos/statistics/blockfinder/finder.tpl
@ -1,4 +0,0 @@
-{include file="statistics/blockfinder/finder_top.tpl"}
-{if $smarty.session.AUTHENTICATED|default}
-{include file="statistics/blockfinder/finder_own.tpl" ALIGN="right" SHORT=true}
-{/if}