- allow supermaintainers AND maintainers to edit app version

- remove redundant permission check when editting notes
2005-02-14 18:22:38 +00:00
parent f5e76d5d48
commit d90433899a
2 changed files with 2 additions and 2 deletions
--- a/admin/editAppNote.php
+++ b/admin/editAppNote.php
@@ -18,7 +18,7 @@ if(!is_numeric($_REQUEST['noteId']))
 $oNote = new Note($_REQUEST['noteId']);

 /* Check for privs */
-if(!$_SESSION['current']->isLoggedIn() || (!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !isSuperMaintainer($oNote->iAppId)) )
+if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($oNote->iVersionId) && !isSuperMaintainer($oNote->iAppId))
 {
    errorpage("Insufficient Privileges!");
    exit;
--- a/admin/editAppVersion.php
+++ b/admin/editAppVersion.php
@@ -12,7 +12,7 @@ if(!is_numeric($_REQUEST['appId']) OR !is_numeric($_REQUEST['versionId']))
 }

 /* Check for admin privs */
-if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($_REQUEST['appId'],$_REQUEST['versionId'])))
+if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->isMaintainer($_REQUEST['versionId']) && !isSuperMaintainer($_REQUEST['appId']))
 {
    errorpage("Insufficient Privileges!");
    exit;