From: garvinhicking
Date: Wed, 14 Sep 2005 08:12:24 +0000 (+0000)
Subject: Only apply BC-category ACL in backend, not in frontend.
X-Git-Tag: 0.9~145
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=a0c6a3cf0f501b8d547d6ba571be31b487c5c140;p=s9y.git
Only apply BC-category ACL in backend, not in frontend.
Before the category ACLs, the authorid of a category indicated who can WRITE to entries, but this was now used to indicate also who can read entries in a specific category. But of course that old BC should apply seamlessly when upgrading. Hard to describe, nobody probably reads this anway. Thanks a bunch to Sebastian Bergmann for debugging this with me. :)
---
diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index 90c2d4a..ee89d55 100644
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -1046,7 +1046,7 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
 function serendipity_ACL_SQL(&$cond, $append_category = false) {
 global $serendipity;
- if (!isset($serendipity['enableACL']) || $serendipity['enableACL'] === true) {
+ if (!isset($serendipity['enableACL']) || $serendipity['enableACL'] == true) {
 if ($_SESSION['serendipityAuthedUser'] === true) {
 $read_id = (int)$serendipity['authorid'];
 $read_id_sql = 'acl_a.groupid';
@@ -1081,10 +1081,15 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
 $cond['and'] .= ' AND ';
 }
+ // When in Admin-Mode, apply readership permissions.
 $cond['and'] .= " (
 c.categoryid IS NULL
- OR (acl_acc.artifact_id IS NULL
- AND (c.authorid = 0 OR c.authorid = " . $read_id . ")
+ OR ( acl_acc.artifact_id IS NULL
+ " . (isset($serendipity['GET']['adminModule']) &&
+ $serendipity['GET']['adminModule'] == 'entries' &&
+ !serendipity_checkPermission('adminEntriesMaintainOthers')
+ ? "AND (c.authorid = 0 OR c.authorid = " . $read_id . ")"
+ : "") . "
 ) )";
 return true;
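Review bot: The loosened `enableACL` test in the first hunk (`== true` instead of `=== true`) accepts every truthy value, so a non-empty string such as `'false'` would also keep the ACL switched on if the option is ever stored as text. That fails toward applying the ACL, which is the safe direction, but an administrator who disables the option may find it has no effect. How the option is loaded is not visible here, so I would at least document the intent next to the check: `// enableACL may arrive as bool or string; anything but an unset/false value keeps the ACL active`. The body of serendipity_ACL_SQL continues outside this hunk.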
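Review bot: In the second hunk the author restriction is gated on `$serendipity['GET']['adminModule'] == 'entries'`, so an access-control clause now depends on a request parameter rather than on a server-side notion of "backend". Any backend path that reaches serendipity_ACL_SQL with a different module value, or none, omits `c.authorid = 0 OR c.authorid = $read_id` for users without `adminEntriesMaintainOthers`; whether such a path exists cannot be seen from this hunk, since the function begins and ends outside it. I would have the caller pass the backend/frontend distinction in (or read a flag the server sets itself) and build the fragment before the concatenation, e.g. `$owner_sql = $in_backend && !serendipity_checkPermission('adminEntriesMaintainOthers') ? "AND (c.authorid = 0 OR c.authorid = " . (int)$read_id . ")" : '';`, where `$in_backend` is a placeholder name for that flag. The added comment speaks of "readership permissions" although the clause is the old write-ownership rule; `// Backend only: keep the pre-ACL rule that c.authorid limits who may edit entries in this category.` would describe it better.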