From: garvinhicking Date: Mon, 6 Jun 2005 07:45:00 +0000 (+0000) Subject: Change of behavior: If a user does not have a certain privilege, he should not be... X-Git-Tag: 0.9~420 X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=92a22a4f1fe7980a34786afe082a355704903934;p=s9y.git Change of behavior: If a user does not have a certain privilege, he should not be able to set that privilege for others / other groups --- diff --git a/include/admin/groups.inc.php b/include/admin/groups.inc.php index 323822b..1897924 100644 --- a/include/admin/groups.inc.php +++ b/include/admin/groups.inc.php @@ -153,7 +153,7 @@ foreach($allusers AS $user) { $section = $perm; } - if (in_array('protected', $userlevels, true) && !serendipity_checkPermission($perm)) { + if (!serendipity_checkPermission($perm)) { echo "\n"; echo "$indent" . htmlspecialchars($perm) . "\n"; echo '' . $indentB . ' ' . (!empty($selected) ? YES : NO) . '' . "\n"; diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php index 961a40c..06b9ebf 100644 --- a/include/functions_config.inc.php +++ b/include/functions_config.inc.php @@ -567,7 +567,7 @@ function serendipity_getPermissionNames() { 'adminUsersMaintainSame' => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF), 'adminUsersMaintainOthers' - => array('protected', USERLEVEL_ADMIN), + => array(USERLEVEL_ADMIN), 'adminUsersCreateNew' => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF), 'adminUsersGroups' @@ -862,8 +862,12 @@ function serendipity_updateGroupConfig($groupid, &$perms, &$values) { $value = 'false'; } - if (in_array('protected', $userlevels) && !serendipity_checkPermission($perm)) { - $value = $storage[$perm]; + if (!serendipity_checkPermission($perm)) { + if (!isset($storage[$perm])) { + $value = 'false'; + } else { + $value = $storage[$perm]; + } } serendipity_db_query(