From: garvinhicking
Date: Mon, 12 Sep 2005 13:01:15 +0000 (+0000)
Subject: permission check fix, thanks to Robin Kroha
X-Git-Tag: 0.9~152
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=03e1dd1e874b7a408c2dbe9ece358aaff834ba29;p=s9y.git
permission check fix, thanks to Robin Kroha
---
diff --git a/include/admin/category.inc.php b/include/admin/category.inc.php
index e49bf82..6c1c92c 100644
--- a/include/admin/category.inc.php
+++ b/include/admin/category.inc.php
@@ -57,7 +57,7 @@ if (isset($_POST['SAVE'])) {
 AND categoryid <> ". (int)$serendipity['GET']['cid'], true);
 if ( $sql ) {
 echo '
'. sprintf(CATEGORY_ALREADY_EXIST, htmlspecialchars($name)) .'
';
- } else if (!serendipity_ACLCheck($serendipity['authorid'], $serendipity['GET']['cid'], 'category', 'write')) {
+ } else if (!serendipity_checkPermission('adminCategoriesMaintainOthers') && !serendipity_ACLCheck($serendipity['authorid'], $serendipity['GET']['cid'], 'category', 'write')) {
 echo '
'. PERM_DENIED .'
';
 } else {
 /* Check to make sure parent is not a child of self */
diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index 3b307c9..a231397 100644
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -1009,6 +1009,8 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
 global $serendipity;
 $artifact_sql = array();
+
+ // TODO: If more artifact_types are available, the JOIN needs to be edited so that the first AND portion is not required, and the join is fully made on that conditiion.
 switch($artifact_type) {
 default:
 case 'category':
@@ -1023,12 +1025,11 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
 LEFT OUTER JOIN {$serendipity['dbPrefix']}authorgroups AS ag
 ON ag.authorid = ". (int)$authorid . "
 LEFT OUTER JOIN {$serendipity['dbPrefix']}access AS a
- ON (ag.groupid = a.groupid OR a.groupid = 0)
+ ON (a.artifact_id = " . (int)$artifact_id . " AND (ag.groupid = a.groupid OR a.groupid = 0) )
 WHERE {$artifact_sql['cond']}
 AND ((
- a.artifact_id = " . (int)$artifact_id . "
- AND a.artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
+ a.artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
 AND a.artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'
 )
 {$artifact_sql['where']}
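Review bot: The new `else if` condition makes the global `adminCategoriesMaintainOthers` permission override the per-category ACL completely: when `serendipity_checkPermission()` returns true, `&&` short-circuits and `serendipity_ACLCheck(..., 'category', 'write')` is never evaluated, so a category-level write restriction no longer applies to such users. That is presumably the intended fix, but the precedence is not visible from the line itself, and any other place that gates category writes (not visible here) will need the same ordering to stay consistent. I would put a comment above the branch: `// Users holding adminCategoriesMaintainOthers may edit any category; everyone else is subject to the per-category write ACL.` The enclosing `if (isset($_POST['SAVE']))` block starts before this hunk and continues after it.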
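Review bot: The added TODO comment has a typo (`conditiion`) and sits above the `switch`, away from the JOIN it describes, which only appears in the following hunk. Since this comment is the only explanation of why `a.artifact_id` moves from the WHERE clause into the JOIN's ON condition, it should state that reason, presumably so the LEFT OUTER JOIN can still return a row when no matching access entry exists (worth confirming against `$artifact_sql['where']`, which is set outside the hunk). I would move it next to the `LEFT OUTER JOIN ... access AS a` line and reword it as `// artifact_id is matched in the ON clause rather than WHERE so the outer join is not collapsed; if more artifact_types are added, artifact_type should move into the ON condition as well.` The remainder of `serendipity_ACLCheck` lies outside this hunk.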