From d90433899abff0bd9f5cf6e459e6d51d619bdaa5 Mon Sep 17 00:00:00 2001
From: Jonathan Ernst <Jonathan@ernstfamily.ch>
Date: Mon, 14 Feb 2005 18:22:38 +0000
Subject: [PATCH] - allow supermaintainers AND maintainers to edit app version
 - remove redundant permission check when editting notes

---
 admin/editAppNote.php    | 2 +-
 admin/editAppVersion.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/admin/editAppNote.php b/admin/editAppNote.php
index 4f01240..590e746 100644
--- a/admin/editAppNote.php
+++ b/admin/editAppNote.php
@@ -18,7 +18,7 @@ if(!is_numeric($_REQUEST['noteId']))
 $oNote = new Note($_REQUEST['noteId']);
 
 /* Check for privs */
-if(!$_SESSION['current']->isLoggedIn() || (!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !isSuperMaintainer($oNote->iAppId)) )
+if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !isSuperMaintainer($oNote->iAppId))
 {
     errorpage("Insufficient Privileges!");
     exit;
diff --git a/admin/editAppVersion.php b/admin/editAppVersion.php
index 0e20fb8..ac464ed 100644
--- a/admin/editAppVersion.php
+++ b/admin/editAppVersion.php
@@ -12,7 +12,7 @@ if(!is_numeric($_REQUEST['appId']) OR !is_numeric($_REQUEST['versionId']))
 }
 
 /* Check for admin privs */
-if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($_REQUEST['appId'],$_REQUEST['versionId'])))
+if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($_REQUEST['versionId']) && !isSuperMaintainer($_REQUEST['appId']))
 {
     errorpage("Insufficient Privileges!");
     exit;