claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pass a version object into user::hasAppVersionModifyPermission() instead of

Browse Source 
the integer that is the index of the version in the database.
This commit is contained in:
Chris Morgan
2006-01-23 02:10:31 +00:00
committed by WineHQ
parent 488c74dbf0
commit e7935b1f4f
7 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
admin/adminAppQueue.php
View File

@@ -104,13 +104,12 @@ if ($_REQUEST['sub'])
else if($_REQUEST['apptype'] == 'version')
{
/* make sure the user has permission to view this version */
if(!$_SESSION['current']->hasAppVersionModifyPermission($_REQUEST['versionId']))
$oVersion = new Version($_REQUEST['versionId']);
if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{
errorpage("Insufficient privileges.");
exit;
}
$oVersion = new Version($_REQUEST['versionId']);
} else
{
//error no Id!

3
admin/adminTestResults.php
View File

@@ -16,7 +16,8 @@ require_once(BASE."include/distributions.php");
if ($_REQUEST['sub'])
{
$oTest = new testData($_REQUEST['iTestingId']);
if (!($_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId)))
$oVersion = new Version($oTest->iVersionId);
if(!($_SESSION['current']->hasAppVersionModifyPermission($oVersion)))
{
errorpage("Insufficient privileges.");
exit;

2
appsubmit.php
View File

@@ -95,7 +95,7 @@ if ($_REQUEST['sub'])
$oVersion = new Version($_REQUEST['versionId']);
// make sure the user has permission to view this version
if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion->versionId) &&
if(!$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
(($oVersion->queued=="false")?true:false) &&
!$_SESSION['current']->isVersionSubmitter($oVersion->versionId))
{

2
distributionView.php
View File

@@ -140,7 +140,7 @@ else
echo '<td>'.$oTest->sInstalls.'&nbsp</td>',"\n";
echo '<td>'.$oTest->sRuns.'&nbsp</td>',"\n";
echo '<td>'.$oTest->sTestedRating.'&nbsp</td>',"\n";
if ($_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId))
if ($_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{
echo '<td><a href="'.BASE.'admin/adminTestResults.php?sub=view&iTestingId='.$oTest->iTestingId.'">',"\n";
echo 'Edit</a></td>',"\n";

20
include/testResults.php
View File

@@ -62,8 +62,9 @@ class testData{
function create()
{
// Security, if we are not an administrator or an maintainer the test result must be queued.
$oVersion = new Version($oTest->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId))
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
$this->sQueued = 'true';
else
$this->sQueued = 'false';
@@ -99,8 +100,9 @@ class testData{
function update($bSilent=false)
{
// is the current user allowed to update this testing result?
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId) &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
!(($_SESSION['current']->iUserId == $this->iSubmitterId) && !($this->sQueued == 'false')))
{
return;
@@ -132,8 +134,9 @@ class testData{
function delete($bSilent=false)
{
// is the current user allowed to delete this testing result?
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId) &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
!(($_SESSION['current']->iUserId == $this->iSubmitterId) && !($this->sQueued == 'false')))
{
return;
@@ -158,7 +161,9 @@ class testData{
function unQueue()
{
// is the current user allowed to delete this testing data?
if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId))
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{
return;
}
@@ -180,7 +185,9 @@ class testData{
function Reject()
{
// is the current user allowed to delete this testing data?
if(!$_SESSION['current']->hasPriv("admin") && !$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId))
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion))
{
return;
}
@@ -202,8 +209,9 @@ class testData{
function ReQueue()
{
// is the current user allowed to requeue this data
$oVersion = new Version($this->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($this->iVersionId) &&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion) &&
!$_SESSION['current']->iUserId == $this->iSubmitterId)
{
return;

6
include/user.php
View File

@@ -931,7 +931,7 @@ class User {
if($this->hasPriv("admin"))
return true;
if($this->hasAppVersionModifyPermission($oVersion->iVersionId))
if($this->hasAppVersionModifyPermission($oVersion))
return true;
return false;
@@ -945,7 +945,7 @@ class User {
if($this->hasPriv("admin"))
return true;
if($this->hasAppVersionModifyPermission($oVersion->iVersionId))
if($this->hasAppVersionModifyPermission($oVersion))
return true;
return false;
@@ -959,7 +959,7 @@ class User {
if($this->hasPriv("admin"))
return true;
if($this->hasAppVersionModifyPermission($oVersion->iVersionId))
if($this->hasAppVersionModifyPermission($oVersion))
return true;
if(($this->iUserId == $oVersion->iSubmitterId) &&

3
testResults.php
View File

@@ -69,8 +69,9 @@ if ($_REQUEST['sub'])
if(is_numeric($_REQUEST['iTestingId']))
{
// make sure the user has permission to view this testing result
$oVersion = new Version($oTest->iVersionId);
if(!$_SESSION['current']->hasPriv("admin") &&
!$_SESSION['current']->hasAppVersionModifyPermission($oTest->iVersionId)&&
!$_SESSION['current']->hasAppVersionModifyPermission($oVersion)&&
!(($_SESSION['current']->iUserId == $oTest->iSubmitterId) && !($oTest->sQueued == 'false')))
{
errorpage("Insufficient privileges.");