[Fusionforge-commits] r8547 - trunk/gforge/www/tracker/admin

Alain Peyrat aljeux at libremir.placard.fr.eu.org
Wed Dec 16 20:57:08 CET 2009


Author: aljeux
Date: 2009-12-16 20:57:07 +0100 (Wed, 16 Dec 2009)
New Revision: 8547

Modified:
   trunk/gforge/www/tracker/admin/ind.php
Log:
Tracker: Only keep the Artifacts where the user has admin rights.

Modified: trunk/gforge/www/tracker/admin/ind.php
===================================================================
--- trunk/gforge/www/tracker/admin/ind.php	2009-12-16 19:57:03 UTC (rev 8546)
+++ trunk/gforge/www/tracker/admin/ind.php	2009-12-16 19:57:07 UTC (rev 8547)
@@ -8,16 +8,6 @@
 	//
 
 
-	//
-	//  get the Group object
-	//
-	$group =& group_get_object($group_id);
-	if (!$group || !is_object($group)) {
-		exit_error('Error','Could Not Get Group Object');
-	} elseif ($group->isError()) {
-		exit_error('Error',$group->getErrorMessage());
-	}
-
 	$perm =& $group->getPermission( session_get_user() );
 
 	if (getStringFromRequest('post_changes')) {
@@ -59,7 +49,18 @@
 		exit_error('Error','Could Not Get ArtifactTypeFactory');
 	}
 
-	$at_arr =& $atf->getArtifactTypes();
+	// Only keep the Artifacts where the user has admin rights.
+	$arr =& $atf->getArtifactTypes();
+	$i=0;
+	for ($j = 0; $j < count($arr); $j++) {
+		if ($arr[$j]->userIsAdmin()) {
+			$at_arr[$i++] =& $arr[$j];
+		}
+	}
+	// If no more tracker now,
+	if ($i==0 && $j>0) {
+		exit_permission_denied();
+	}
 
 	//required params for site_project_header();
 	$params['group']=$group_id;




More information about the Fusionforge-commits mailing list