]> git.mjollnir.org Git - s9y.git/commitdiff
Only apply BC-category ACL in backend, not in frontend.
authorgarvinhicking <garvinhicking>
Wed, 14 Sep 2005 08:12:24 +0000 (08:12 +0000)
committergarvinhicking <garvinhicking>
Wed, 14 Sep 2005 08:12:24 +0000 (08:12 +0000)
Before the category ACLs, the authorid of a category indicated who can WRITE to entries, but this was now used to indicate also who can read entries in a specific category. But of course that old BC should apply seamlessly when upgrading.

Hard to describe, nobody probably reads this anyway. Thanks a bunch to Sebastian Bergmann for debugging this with me. :)

include/functions_config.inc.php

index 90c2d4a66db6eff81fe95edce29119f27c77e14c..ee89d5575df6c52efe69baba5b93854663993b3e 100644 (file)
@@ -1046,7 +1046,7 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
 function serendipity_ACL_SQL(&$cond, $append_category = false) {
     global $serendipity;
 
-    if (!isset($serendipity['enableACL']) || $serendipity['enableACL'] === true) {
+    if (!isset($serendipity['enableACL']) || $serendipity['enableACL'] == true) {
         if ($_SESSION['serendipityAuthedUser'] === true) {
             $read_id = (int)$serendipity['authorid'];
             $read_id_sql = 'acl_a.groupid';
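Review bot: The switch from `===` to `==` on `$serendipity['enableACL']` has no comment, yet it changes which stored values turn the access-control conditions on. Any truthy value now enables them, and only a set but falsy value (`false`, `0`, `''`, `'0'`) skips this branch. Presumably the option arrives from configuration as a string or integer rather than a real boolean; if so, say it on the line, e.g. `// enableACL may be stored as a non-boolean, so compare loosely; only a set, falsy value disables the ACL conditions`. Normalising the option to a boolean where the configuration is loaded would let the strict comparison stay and keep this check consistent with the `=== true` test on `$_SESSION['serendipityAuthedUser']` just below. The function body continues past the end of this hunk.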
@@ -1081,10 +1081,15 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
             $cond['and'] .= ' AND ';
         }
 
+        // When in Admin-Mode, apply readership permissions.
         $cond['and'] .= "    (
                                  c.categoryid IS NULL 
-                                 OR (acl_acc.artifact_id IS NULL 
-                                     AND (c.authorid = 0 OR c.authorid = " . $read_id . ")
+                                 OR ( acl_acc.artifact_id IS NULL 
+                                      " . (isset($serendipity['GET']['adminModule']) && 
+                                           $serendipity['GET']['adminModule'] == 'entries' && 
+                                           !serendipity_checkPermission('adminEntriesMaintainOthers') 
+                                        ? "AND (c.authorid = 0 OR c.authorid = " . $read_id . ")"
+                                        : "") . "
                                     )
                                )";
         return true;
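Review bot: The owner restriction `c.authorid = 0 OR c.authorid = $read_id` is now added only when `$serendipity['GET']['adminModule']` equals `'entries'`, so whether this access-control clause is part of the query depends on a request parameter rather than on server-side state. If any other backend module builds its query through serendipity_ACL_SQL(), a user without `adminEntriesMaintainOthers` would get no owner restriction there; the callers are not visible in this hunk, so that should be checked, and a flag set by the backend entry code itself would be a safer switch than the GET value. The added comment also speaks of "readership permissions", while the commit message describes the clause as the legacy write-ownership rule. A more accurate comment would be `// BC: before category ACLs, c.authorid restricted who may write; enforce it only in the backend entry editor for users without adminEntriesMaintainOthers`. Hoisting the ternary into a named boolean above the string would make the condition readable and testable; the hunk starts and ends inside the function.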