claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pass a version object into user::hasAppVersionModifyPermission() instead of

Browse Source 
the integer that is the index of the version in the database.
This commit is contained in:
Chris Morgan
2006-01-23 02:10:31 +00:00
committed by WineHQ
parent 488c74dbf0
commit e7935b1f4f
7 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
admin/adminAppQueue.php
View File

@@ -104,13 +104,12 @@ if ($_REQUEST['sub'])
else if($_REQUEST['apptype'] == 'version') else if($_REQUEST['apptype'] == 'version')
{ {
/* make sure the user has permission to view this version */ /* make sure the user has permission to view this version */
if(!$_SESSION['current']->hasAppVersionModifyPermission($_REQUEST['versionId'])) $oVersion = new Version($_REQUEST['versionId']);
if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{ {
errorpage("Insufficient privileges."); errorpage("Insufficient privileges.");
exit; exit;
} }
$oVersion = new Version($_REQUEST['versionId']);
} else } else
{ {
//error no Id! //error no Id!

3
admin/adminTestResults.php
View File

@@ -16,7 +16,8 @@ require_once(BASE."include/distributions.php");
if ($_REQUEST['sub']) if ($_REQUEST['sub'])
{ {
$oTest = new testData($_REQUEST['iTestingId']); $oTest = new testData($_REQUEST['iTestingId']);
if (!($_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId))) $oVersion = new Version($oTest->iVersionId);
if(!($_SESSION['current']->hasAppVersionModifyPermission($oVersion)))
{ {
errorpage("Insufficient privileges."); errorpage("Insufficient privileges.");
exit; exit;

2
appsubmit.php
View File

@@ -95,7 +95,7 @@ if ($_REQUEST['sub'])
$oVersion = new Version($_REQUEST['versionId']); $oVersion = new Version($_REQUEST['versionId']);
// make sure the user has permission to view this version // make sure the user has permission to view this version
if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion->versionId) && if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
(($oVersion->queued=="false")?true:false) && (($oVersion->queued=="false")?true:false) &&
!$_SESSION['current']->isVersionSubmitter($oVersion->versionId)) !$_SESSION['current']->isVersionSubmitter($oVersion->versionId))
{ {

2
distributionView.php
View File

@@ -140,7 +140,7 @@ else
echo '<td>'.$oTest->sInstalls.'&nbsp</td>',"\n"; echo '<td>'.$oTest->sInstalls.'&nbsp</td>',"\n";
echo '<td>'.$oTest->sRuns.'&nbsp</td>',"\n"; echo '<td>'.$oTest->sRuns.'&nbsp</td>',"\n";
echo '<td>'.$oTest->sTestedRating.'&nbsp</td>',"\n"; echo '<td>'.$oTest->sTestedRating.'&nbsp</td>',"\n";
if ($_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId)) if ($_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{ {
echo '<td><a href="'.BASE.'admin/adminTestResults.php?sub=view&iTestingId='.$oTest->iTestingId.'">',"\n"; echo '<td><a href="'.BASE.'admin/adminTestResults.php?sub=view&iTestingId='.$oTest->iTestingId.'">',"\n";
echo 'Edit</a></td>',"\n"; echo 'Edit</a></td>',"\n";

20
include/testResults.php
View File

@@ -62,8 +62,9 @@ class testData{
function create() function create()
{ {
// Security, if we are not an administrator or an maintainer the test result must be queued. // Security, if we are not an administrator or an maintainer the test result must be queued.
$oVersion = new Version($oTest->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") && if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId)) !$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
$this->sQueued = 'true'; $this->sQueued = 'true';
else else
$this->sQueued = 'false'; $this->sQueued = 'false';
@@ -99,8 +100,9 @@ class testData{
function update($bSilent=false) function update($bSilent=false)
{ {
// is the current user allowed to update this testing result? // is the current user allowed to update this testing result?
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") && if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId) && !$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
!(($_SESSION['current']->iUserId == $this->iSubmitterId) && !($this->sQueued == 'false'))) !(($_SESSION['current']->iUserId == $this->iSubmitterId) && !($this->sQueued == 'false')))
{ {
return; return;
@@ -132,8 +134,9 @@ class testData{
function delete($bSilent=false) function delete($bSilent=false)
{ {
// is the current user allowed to delete this testing result? // is the current user allowed to delete this testing result?
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") && if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId) && !$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
!(($_SESSION['current']->iUserId == $this->iSubmitterId) && !($this->sQueued == 'false'))) !(($_SESSION['current']->iUserId == $this->iSubmitterId) && !($this->sQueued == 'false')))
{ {
return; return;
@@ -158,7 +161,9 @@ class testData{
function unQueue() function unQueue()
{ {
// is the current user allowed to delete this testing data? // is the current user allowed to delete this testing data?
if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId)) $oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{ {
return; return;
} }
@@ -180,7 +185,9 @@ class testData{
function Reject() function Reject()
{ {
// is the current user allowed to delete this testing data? // is the current user allowed to delete this testing data?
if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId)) $oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{ {
return; return;
} }
@@ -202,8 +209,9 @@ class testData{
function ReQueue() function ReQueue()
{ {
// is the current user allowed to requeue this data // is the current user allowed to requeue this data
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") && if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId) && !$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
!$_SESSION['current']->iUserId == $this->iSubmitterId) !$_SESSION['current']->iUserId == $this->iSubmitterId)
{ {
return; return;

6
include/user.php
View File

@@ -931,7 +931,7 @@ class User {
if($this->hasPriv("admin")) if($this->hasPriv("admin"))
return true; return true;
if($this->hasAppVersionModifyPermission($oVersion->iVersionId)) if($this->hasAppVersionModifyPermission($oVersion))
return true; return true;
return false; return false;
@@ -945,7 +945,7 @@ class User {
if($this->hasPriv("admin")) if($this->hasPriv("admin"))
return true; return true;
if($this->hasAppVersionModifyPermission($oVersion->iVersionId)) if($this->hasAppVersionModifyPermission($oVersion))
return true; return true;
return false; return false;
@@ -959,7 +959,7 @@ class User {
if($this->hasPriv("admin")) if($this->hasPriv("admin"))
return true; return true;
if($this->hasAppVersionModifyPermission($oVersion->iVersionId)) if($this->hasAppVersionModifyPermission($oVersion))
return true; return true;
if(($this->iUserId == $oVersion->iSubmitterId) && if(($this->iUserId == $oVersion->iSubmitterId) &&

3
testResults.php
View File

@@ -69,8 +69,9 @@ if ($_REQUEST['sub'])
if(is_numeric($_REQUEST['iTestingId'])) if(is_numeric($_REQUEST['iTestingId']))
{ {
// make sure the user has permission to view this testing result // make sure the user has permission to view this testing result
$oVersion = new Version($oTest->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") && if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId)&& !$_SESSION['current']->hasAppVersionModifyPermission($oVersion)&&
!(($_SESSION['current']->iUserId == $oTest->iSubmitterId) && !($oTest->sQueued == 'false'))) !(($_SESSION['current']->iUserId == $oTest->iSubmitterId) && !($oTest->sQueued == 'false')))
{ {
errorpage("Insufficient privileges."); errorpage("Insufficient privileges.");