[Fusionforge-commits] r9839 - in trunk/gforge: common/forum common/include common/mail common/pm common/tracker www/forum www/forum/admin www/forum/include www/pm www/pm/admin www/pm/include www/tracker www/tracker/admin www/tracker/include

Roland Mas lolando at libremir.placard.fr.eu.org
Fri May 21 09:57:14 CEST 2010


Author: lolando
Date: 2010-05-21 09:57:14 +0200 (Fri, 21 May 2010)
New Revision: 9839

Modified:
   trunk/gforge/common/forum/Forum.class.php
   trunk/gforge/common/forum/ForumMessage.class.php
   trunk/gforge/common/include/Group.class.php
   trunk/gforge/common/mail/MailingList.class.php
   trunk/gforge/common/pm/ProjectGroup.class.php
   trunk/gforge/common/pm/ProjectTask.class.php
   trunk/gforge/common/tracker/Artifact.class.php
   trunk/gforge/common/tracker/ArtifactBoxOptions.class.php
   trunk/gforge/common/tracker/ArtifactCanned.class.php
   trunk/gforge/common/tracker/ArtifactExtraField.class.php
   trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php
   trunk/gforge/common/tracker/ArtifactHistory.class.php
   trunk/gforge/common/tracker/ArtifactQuery.class.php
   trunk/gforge/common/tracker/ArtifactType.class.php
   trunk/gforge/www/forum/admin/ForumAdmin.class.php
   trunk/gforge/www/forum/admin/monitor.php
   trunk/gforge/www/forum/attachment.php
   trunk/gforge/www/forum/include/AttachManager.class.php
   trunk/gforge/www/forum/include/ForumHTML.class.php
   trunk/gforge/www/forum/message.php
   trunk/gforge/www/pm/admin/index.php
   trunk/gforge/www/pm/browse_task.php
   trunk/gforge/www/pm/include/ProjectGroupHTML.class.php
   trunk/gforge/www/pm/task.php
   trunk/gforge/www/tracker/add.php
   trunk/gforge/www/tracker/admin/ind.php
   trunk/gforge/www/tracker/admin/index.php
   trunk/gforge/www/tracker/browse.php
   trunk/gforge/www/tracker/include/ArtifactTypeHtml.class.php
   trunk/gforge/www/tracker/query.php
   trunk/gforge/www/tracker/tracker.php
Log:
Removed userIsAdmin() methods

Modified: trunk/gforge/common/forum/Forum.class.php
===================================================================
--- trunk/gforge/common/forum/Forum.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/forum/Forum.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -568,7 +568,7 @@
 			}
 		}
 
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('forum_admin', $this->Group->getID())) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -610,7 +610,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('forum_admin', $this->Group->getID())) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -676,22 +676,13 @@
 	 *  @return boolean user_is_mod_lvl1
 	 */
 	function userIsModLvl2() {
-		if ( $this->userIsAdmin() ) {
+		if ( forge_check_perm ('forum_admin', $this->Group->getID()) ) {
 			return false;
 		} else {
 			return true;
 		}
 	}
 	
-	/**
-	 *  userIsAdmin - see if the logged-in user's perms are >= 2 or Group ForumAdmin.
-	 *
-	 *  @return boolean user_is_admin.
-	 */
-	function userIsAdmin() {
-		return forge_check_perm ('forum_admin', $this->Group->getID()) ;
-	}
-
 }
 
 // Local Variables:

Modified: trunk/gforge/common/forum/ForumMessage.class.php
===================================================================
--- trunk/gforge/common/forum/ForumMessage.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/forum/ForumMessage.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -580,7 +580,7 @@
 			return 0;
 		}
 		
-		if (!$this->Forum->userIsAdmin()) {
+		if (!forge_check_perm ('forum_admin', $this->Forum->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}

Modified: trunk/gforge/common/include/Group.class.php
===================================================================
--- trunk/gforge/common/include/Group.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/include/Group.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -1365,21 +1365,6 @@
 	}
 
 
-	/**
-	 *	userIsAdmin - Return if for this Group the User is admin.
-	 *
-	 *	@return boolean	is_admin.
-	 */
-	function userIsAdmin() {
-		$perm =& $this->getPermission ();
-		if (!$perm || !is_object($perm)) {
-			return false;
-		} elseif ($perm->isError()) {
-			return false;
-		}
-		return $perm->isAdmin();
-	}
-
 	function delete($sure,$really_sure,$really_really_sure) {
 		if (!$sure || !$really_sure || !$really_really_sure) {
 			$this->setMissingParamsError();

Modified: trunk/gforge/common/mail/MailingList.class.php
===================================================================
--- trunk/gforge/common/mail/MailingList.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/mail/MailingList.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -112,7 +112,7 @@
 		//
 		if (!$creator_id) {
 			$creator_id=user_getid();
-			if(!$this->userIsAdmin()) {
+			if(!forge_check_perm ('project_admin', $this->Group->getID())) {
 				$this->setPermissionDeniedError();
 				return false;
 			}
@@ -230,7 +230,7 @@
 	 *	@return	boolean	success.
 	 */
 	function update($description, $isPublic = MAIL__MAILING_LIST_IS_PUBLIC, $status = 'xyzzy') {
-		if(! $this->userIsAdmin()) {
+		if(! forge_check_perm ('project_admin', $this->Group->getID())) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -372,7 +372,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('project_admin', $this->Group->getID())) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -393,17 +393,6 @@
 		return true;
 		
 	}
-
-	/**
-	 * userIsAdmin - use this function to know if the user can administrate mailing lists
-	 *
-	 * This is a static method. Currently the user must be a project or a sitewide admin to administrate the mailing lists
-	 *
-	 * @return boolean true if the user can administrate mailing lists
-	 */
-	function userIsAdmin() {
-		return forge_check_perm ('project_admin', $this->Group->getID()) ;
-	}
 }
 
 // Local Variables:

Modified: trunk/gforge/common/pm/ProjectGroup.class.php
===================================================================
--- trunk/gforge/common/pm/ProjectGroup.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/pm/ProjectGroup.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -388,7 +388,7 @@
                         return false;
                 }
 
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -421,7 +421,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -543,22 +543,6 @@
 
 		return true;
 	}
-
-	/*
-
-		USER PERMISSION FUNCTIONS
-
-	*/
-
-	/**
-	 *  userIsAdmin - see if the logged-in user's perms are >= 2 or Group PMAdmin.
-	 *
-	 *  @return boolean user_is_admin.
-	 */
-	function userIsAdmin() {
-		return forge_check_perm ('pm', $this->getID(), 'manager') ;
-	}
-
 }
 
 // Local Variables:

Modified: trunk/gforge/common/pm/ProjectTask.class.php
===================================================================
--- trunk/gforge/common/pm/ProjectTask.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/pm/ProjectTask.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -155,7 +155,7 @@
 		if (!$duration) {
 			$duration=0;
 		}
-		if (!$this->ProjectGroup->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->ProjectGroup->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -444,7 +444,7 @@
 	 *	@return	boolean	success.
 	 */
 	function addRelatedArtifacts($art_array) {
-		if (!$this->ProjectGroup->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->ProjectGroup->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -475,7 +475,7 @@
 	 *	@return	boolean	success.
 	 */
 	function removeRelatedArtifacts($art_array) {
-		if (!$this->ProjectGroup->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->ProjectGroup->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -505,7 +505,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->ProjectGroup->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->ProjectGroup->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -925,7 +925,7 @@
 			$has_changes = true;
 		}
 
-		if (!$this->ProjectGroup->userIsAdmin()) {
+		if (!forge_check_perm ('pm', $this->ProjectGroup->getID(), 'manager')) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -954,12 +954,11 @@
 				db_rollback();
 				return false;
 			}
-			/*  do they have perms for new ArtifactType?
-			if (!$newArtifactType->userIsAdmin()) {
+			if (!forge_check_perm ('pm', $newProjectGroup->getID(), 'manager')) {
 				$this->setPermissionDeniedError();
 				db_rollback();
 				return false;
-			}*/
+			}
 			//
 			//  Now set ProjectGroup, Category, and Assigned to 100 in the new ProjectGroup
 			//

Modified: trunk/gforge/common/tracker/Artifact.class.php
===================================================================
--- trunk/gforge/common/tracker/Artifact.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/Artifact.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -202,7 +202,7 @@
 
 //
 // ape: Disabled, private means only restricted to members. So, no special rules #2503.
-//			if (!$this->ArtifactType->userIsAdmin()) {
+//			if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 //				$this->setError(_('Artifact: Only Artifact Admins Can Modify Private ArtifactTypes'));
 //				return false;
 //			}
@@ -497,7 +497,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -874,7 +874,7 @@
 				return false;
 			}
 			//	do they have perms for new ArtifactType?
-			if (!$newArtifactType->userIsAdmin()) {
+			if (!forge_check_perm ('tracker', $newArtifactType->getID(), 'manager')) {
 				$this->setPermissionDeniedError();
 				db_rollback();
 				return false;

Modified: trunk/gforge/common/tracker/ArtifactBoxOptions.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactBoxOptions.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactBoxOptions.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -94,7 +94,7 @@
 			$this->setError(_('an element name is required'));
 			return false;
 		}
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -187,7 +187,7 @@
 	 *  @return	boolean	success.
 	 */
 	function update($name,$boxid,$id) {
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}

Modified: trunk/gforge/common/tracker/ArtifactCanned.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactCanned.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactCanned.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -93,7 +93,7 @@
 			$this->setError(_('ArtifactCanned: name and assignee are Required'));
 			return false;
 		}
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -182,7 +182,7 @@
 	 *  @return	boolean	success.
 	 */
 	function update($title,$body) {
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}   

Modified: trunk/gforge/common/tracker/ArtifactExtraField.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactExtraField.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactExtraField.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -114,7 +114,7 @@
 			$this->setError("Type of custom field not selected");
 			return false;			
 		}
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -369,7 +369,7 @@
 	 *  @return	boolean	success.
 	 */
 	function update($name,$attribute1,$attribute2,$is_required=0,$alias="") {
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -431,7 +431,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}

Modified: trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactExtraFieldElement.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -127,7 +127,7 @@
 		} else {
 			$status_id=0;
 		}
-		if (!$this->ArtifactExtraField->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactExtraField->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -243,7 +243,7 @@
 	 *  @return	boolean	success.
 	 */
 	function update($name,$status_id=0) {
-		if (!$this->ArtifactExtraField->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactExtraField->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -287,7 +287,7 @@
 	 *  @return	boolean	success.
 	 */
 	function delete() {
-		if (!$this->ArtifactExtraField->ArtifactType->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->ArtifactExtraField->ArtifactType->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}

Modified: trunk/gforge/common/tracker/ArtifactHistory.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactHistory.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactHistory.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -92,7 +92,7 @@
 			$this->setError(_('ArtifactCategory: name and assignee are Required'));
 			return false;
 		}
-		if (!$this->Artifact->userIsAdmin()) {
+		if (!forge_check_perm ('tracker', $this->Artifact->ArtifactType->getID()), 'manager') {
 			$this->setPermissionDeniedError();
 			return false;
 		}

Modified: trunk/gforge/common/tracker/ArtifactQuery.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactQuery.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactQuery.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -140,7 +140,7 @@
 			return false;
 		}
 
-		if ($query_type>0 && !$this->ArtifactType->userIsAdmin()) {
+		if ($query_type>0 && !forge_check_perm ('tracker', $this->ArtifactType->getID(), 'manager')) {
 			$this->setError( _('You must have tracker admin rights to set or update a project level query.'));
 			return false;
 		}
@@ -636,7 +636,7 @@
 			$this->setError(_('Query does not exist'));
 			return false;
 		}
-		if ($query_type>0 && !$this->ArtifactType->userIsAdmin()) {
+		if ($query_type>0 && !forge_check_perm ('tracker', $this->ArtifactType->getID(), 'manager')) {
 			$this->setError(_('You must have tracker admin rights to set or update a project level query.'));
 			return false;
 		}
@@ -691,7 +691,7 @@
 	}
 
 	function delete() {
-		if ($this->ArtifactType->userIsAdmin()) {
+		if (forge_check_perm ('tracker', $this->ArtifactType->getID(), 'manager')) {
 			$res = db_query_params ('DELETE FROM artifact_query WHERE artifact_query_id=$1 AND (user_id=$2 OR query_type>0)',
 					array ($this->getID(),
 					       user_getid())) ;

Modified: trunk/gforge/common/tracker/ArtifactType.class.php
===================================================================
--- trunk/gforge/common/tracker/ArtifactType.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/common/tracker/ArtifactType.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -812,7 +812,7 @@
 			$this->setMissingParamsError();
 			return false;
 		}
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}
@@ -962,22 +962,7 @@
 		}
 	}
 
-	/*
-
-		USER PERMISSION FUNCTIONS
-
-	*/
-
 	/**
-	 *	userIsAdmin - see if the logged-in user's perms are >= 2 or Group ArtifactAdmin.
-	 *
-	 *	@return boolean	user_is_admin.
-	 */
-	function userIsAdmin() { 
-		return forge_check_perm ('tracker', $this->getID(), 'manager') ;
-	}
-
-	/**
 	 *  update - use this to update this ArtifactType in the database.
 	 *
 	 *  @param	string	The item name.
@@ -994,7 +979,7 @@
 	function update($name,$description,$email_all,$email_address,
 		$due_period, $status_timeout,$use_resolution,$submit_instructions,$browse_instructions) {
 
-		if (!$this->userIsAdmin()) {
+		if (!forge_check_perm ('tracker_admin', $this->Group->getID()) {
 			$this->setPermissionDeniedError();
 			return false;
 		}

Modified: trunk/gforge/www/forum/admin/ForumAdmin.class.php
===================================================================
--- trunk/gforge/www/forum/admin/ForumAdmin.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/forum/admin/ForumAdmin.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -181,9 +181,9 @@
 			} elseif ($f->isError()) {
 				exit_error(_('Error'),$f->getErrorMessage());
 			}
-			if (!$f->userIsAdmin()) {
-				exit_permission_denied();
-			}
+
+			session_require_perm ('forum_admin', $f->Group->getID()) ;
+
 			if (!$f->update($forum_name,$description,$allow_anonymous,$is_public,$send_all_posts_to,$moderation_level)) {
 				exit_error(_('Error'),$f->getErrorMessage());
 			} else {
@@ -230,10 +230,9 @@
 			} elseif ($f->isError()) {
 				exit_error(_('Error'),$f->getErrorMessage());
 			}
-			if (!$f->userIsAdmin()) {
-				exit_permission_denied();
-			}
 
+			session_require_perm ('forum_admin', $f->Group->getID()) ;
+
 			$fm=new ForumMessage($f,$msg_id);
 			if (!$fm || !is_object($fm)) {
 				exit_error(_('Error'),_('Error Getting ForumMessage'));
@@ -259,9 +258,9 @@
 			} elseif ($f->isError()) {
 				exit_error(_('Error'),$f->getErrorMessage());
 			}
-			if (!$f->userIsAdmin()) {
-				exit_permission_denied();
-			}
+
+			session_require_perm ('forum_admin', $f->Group->getID()) ;
+
 			if (!$f->delete(getStringFromRequest('sure'),getStringFromRequest('really_sure'))) {
 				exit_error(_('Error'),$f->getErrorMessage());
 			} else {

Modified: trunk/gforge/www/forum/admin/monitor.php
===================================================================
--- trunk/gforge/www/forum/admin/monitor.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/forum/admin/monitor.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -37,10 +37,10 @@
 	exit_error('Error','Could Not Get Forum Object');
 } elseif ($f->isError()) {
 	exit_error('Error',$f->getErrorMessage());
-} elseif (!$f->userIsAdmin()) {
-	exit_permission_denied();
 }
 
+session_require_perm ('forum_admin', $f->Group->getID()) ;
+
 forum_header(array('title'=>_('Add forum')));
 
 $res = db_query_params ('select users.user_id,users.user_name, users.email, users.realname from

Modified: trunk/gforge/www/forum/attachment.php
===================================================================
--- trunk/gforge/www/forum/attachment.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/forum/attachment.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -91,7 +91,7 @@
 	if ( (!$res) ) {
 		exit_error("Attachment Download error","DB Error");
 	}
-	if (! ((db_result($res,0,'userid') == user_getid()) || ($f->userIsAdmin())) ) {
+	if (! ((db_result($res,0,'userid') == user_getid()) || (forge_check_perm ('forum_admin', $f->Group->getID()))) ) {
 		goodbye(_('You cannot delete this attachment'));
 	}	else {
 		if (!$pending) {
@@ -121,7 +121,7 @@
 	if ( (!$res) || (!$res2) ) {
 		exit_error("Attachment error","DB Error");
 	}
-	if (! ((db_result($res2,0,'posted_by') == user_getid()) || ($f->userIsAdmin())) ) {
+	if (! ((db_result($res2,0,'posted_by') == user_getid()) || (forge_check_perm ('forum_admin', $f->Group->getID()))) ) {
 		goodbye(_('You cannot edit this attachment'));
 	}	else {
 		if ($doedit=="1") {

Modified: trunk/gforge/www/forum/include/AttachManager.class.php
===================================================================
--- trunk/gforge/www/forum/include/AttachManager.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/forum/include/AttachManager.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -144,7 +144,9 @@
 			if (!$f || !is_object($f)) {
 			exit_error('Error', _('Could Not Get Forum Object'));
 			} else {
-				if ( ((user_getid() == $attach_userid) || ($f->userIsAdmin())) && (!$msg->isPending()) ) { //only permit the user who created the attach to delete it, or an admin
+				if ( ((user_getid() == $attach_userid)
+				      || (forge_check_perm ('forum_admin', $f->Group->getID())))
+				     && (!$msg->isPending()) ) { //only permit the user who created the attach to delete it, or an admin
 					$attach .= "   <a href=\"javascript:manageattachments('/forum/attachment.php?attachid=$attachid&amp;group_id=$group_id&amp;forum_id=$forum_id&amp;msg_id=$msg_id&amp;edit=yes','no');\">" .  "<font size=\"-3\">" .  html_image('ic/forum_edit.gif','37','15',array('alt'=>_("Edit"))) . "</font></a>";
 					$attach .= "     <a href=\"javascript:manageattachments('/forum/attachment.php?attachid=$attachid&amp;group_id=$group_id&amp;forum_id=$forum_id&amp;delete=yes','yes');\">" .  "<font size=\"-3\">" .  html_image('ic/forum_delete.gif','16','18',array('alt'=>_("Delete"))) . "</font></a>";
 				}
@@ -157,7 +159,9 @@
 			} else {
 //				$attach = html_image('ic/cfolder15.png',"15","13",array("border"=>"0")) . _('No attachment found');
 				$attach = '';
-				if ( ((user_getid() == $msg->getPosterID()) || ($f->userIsAdmin())) && (!$msg->isPending()) ) { //only permit an admin or the user who created the message to insert an attach
+				if ( ((user_getid() == $msg->getPosterID())
+				      || (forge_check_perm ('forum_admin', $f->Group->getID())))
+				     && (!$msg->isPending()) ) { //only permit the user who created the message to insert an attach
 					$attach .= "   <a href=\"javascript:manageattachments('".util_make_url ("/forum/attachment.php?attachid=0&amp;group_id=$group_id&amp;forum_id=$forum_id&amp;msg_id=$msg_id&amp;edit=yes")."','no');\">" .  "<font size=\"-3\">" .  html_image('ic/forum_add.gif','37','15',array('alt'=>_("Add"))) . "</font></a>";
 				}
 			}

Modified: trunk/gforge/www/forum/include/ForumHTML.class.php
===================================================================
--- trunk/gforge/www/forum/include/ForumHTML.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/forum/include/ForumHTML.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -112,7 +112,7 @@
 			$menu_text[]=_('Discussion Forums:') .' '. $f->getName();
 			$menu_links[]='/forum/forum.php?forum_id='.$forum_id;
 		}
-		if ($f->userIsAdmin()) {
+		if (forge_check_perm ('forum_admin', $f->Group->getID())) {
 			$menu_text[]=_('Admin');
 			$menu_links[]='/forum/admin/?group_id='.$group_id;
 		} 
@@ -262,7 +262,7 @@
 		$ret_val .= ' on '.date('Y-m-d H:i',$msg->getPostDate());
 		$ret_val .= '</td><td class="tablecontent"  align="right">';
 		$ret_val .= '<a href="'.$url.'">[forum:'.$msg->getID().']</a><br/>';
-		if ($msgforum->userIsAdmin()) {
+		if (forge_check_perm ('forum_admin', $msgforum->Group->getID())) {
 			$ret_val .= $fa->PrintAdminMessageOptions($msg->getID(),$group_id,$msg->getThreadID(),$msgforum->getID());
 		} 
 		$ret_val .= $am->PrintAttachLink($msg,$group_id,$msgforum->getID());

Modified: trunk/gforge/www/forum/message.php
===================================================================
--- trunk/gforge/www/forum/message.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/forum/message.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -121,7 +121,7 @@
 	echo ' on '. date(_('Y-m-d H:i'), $fm->getPostDate()) .'</td><td align="right">';
 	echo '<a href="'.$url.'">[forum:'.$msg_id.']</a><br/>';
 	$fa = new ForumAdmin();
-	if ($f->userIsAdmin()) {
+	if (forge_check_perm ('forum_admin', $f->Group->getID())) {
 		echo $fa->PrintAdminMessageOptions($msg_id,$group_id,0,$forum_id); // 0 in thread id because that tells us to go back to message.php instead of forum.php
 	}
 	$am = new AttachManager();

Modified: trunk/gforge/www/pm/admin/index.php
===================================================================
--- trunk/gforge/www/pm/admin/index.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/pm/admin/index.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -79,9 +79,7 @@
 		/*
 			Add a project_category
 		*/
-		if (!$pg->userIsAdmin()) {
-			exit_permission_denied();
-		}
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
 		$pc = new ProjectCategory($pg);
 		if (!$pc || !is_object($pc)) {
@@ -101,9 +99,7 @@
 		/*
 			Update a project_category
 		*/
-		if (!$pg->userIsAdmin()) {
-			exit_permission_denied();
-		}
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
 		$pc = new ProjectCategory($pg,$id);
 		if (!$pc || !is_object($pc)) {
@@ -128,9 +124,7 @@
 		/*
 			Update a subproject
 		*/
-		if (!$pg->userIsAdmin()) {
-			exit_permission_denied();
-		}
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
 		if (!$pg->update($project_name,$description,$send_all_posts_to)) {
 			exit_error('Error',$pg->getErrorMessage());
@@ -146,9 +140,7 @@
 		/*
 			Delete a subproject
 		*/
-		if (!$pg->userIsAdmin()) {
-			exit_permission_denied();
-		}
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
 		if (!$pg->delete(getStringFromRequest('sure'),getStringFromRequest('really_sure'))) {
 			exit_error('Error',$pg->getErrorMessage());
@@ -173,10 +165,9 @@
 	} elseif ($pg->isError()) {
 		exit_error('Error',$pg->getErrorMessage());
 	}
-	if (!$pg->userIsAdmin()) {
-		exit_permission_denied();
-	}
 
+	session_require_perm ('pm', $pg->getID(), 'manager') ;
+
 	$title = sprintf(_('Add Categories to: %s'), $pg->getName());
 	pm_header(array ('title'=>$title));
 
@@ -238,9 +229,9 @@
 	} elseif ($pg->isError()) {
 		exit_error('Error',$pg->getErrorMessage());
 	}
-	if (!$pg->userIsAdmin()) {
-		exit_permission_denied();
-	}
+
+	session_require_perm ('pm', $pg->getID(), 'manager') ;
+
 	$title = sprintf(_('Modify a Category in: %s'), $pg->getName());
 	pm_header(array ('title'=>$title));
 
@@ -312,10 +303,9 @@
 	} elseif ($pg->isError()) {
 		exit_error('Error',$pg->getErrorMessage());
 	}
-	if (!$pg->userIsAdmin()) {
-		exit_permission_denied();
-	}
 
+	session_require_perm ('pm', $pg->getID(), 'manager') ;
+
 	pm_header(array('title'=>_('Change Tasks Status')));
 
 	?>
@@ -378,10 +368,9 @@
 	} elseif ($pg->isError()) {
 		exit_error('Error',$pg->getErrorMessage());
 	}
-	if (!$pg->userIsAdmin()) {
-		exit_permission_denied();
-	}
 
+	session_require_perm ('pm', $pg->getID(), 'manager') ;
+
 	pm_header(array('title'=>_('Delete')));
 
 	?>

Modified: trunk/gforge/www/pm/browse_task.php
===================================================================
--- trunk/gforge/www/pm/browse_task.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/pm/browse_task.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -144,7 +144,7 @@
 	/*
 		Now display the tasks in a table with priority colors
 	*/
-	$IS_ADMIN=($pg->userIsAdmin());
+	$IS_ADMIN = forge_check_perm ('pm', $pg->getID(), 'manager') ;
 
 	if ($IS_ADMIN) {
 		echo '

Modified: trunk/gforge/www/pm/include/ProjectGroupHTML.class.php
===================================================================
--- trunk/gforge/www/pm/include/ProjectGroupHTML.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/pm/include/ProjectGroupHTML.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -72,7 +72,7 @@
 		$labels[] = _('Import/Export CSV');
 		$links[]  = '/pm/task.php?group_id='.$group_id.'&amp;group_project_id='.$group_project_id.'&amp;func=csv';
 	}
-	if ($pg && is_object($pg) && $pg->userIsAdmin()) {
+	if ($pg && is_object($pg) && forge_check_perm ('pm', $pg->getID(), 'manager')) {
 		$labels[] = _('Reporting');
 		$links[]  = '/pm/reporting/?group_id='.$group_id;
 		$labels[] = _('Admin');

Modified: trunk/gforge/www/pm/task.php
===================================================================
--- trunk/gforge/www/pm/task.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/pm/task.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -78,17 +78,15 @@
 	//	Show blank form to add new task
 	//
 	case 'addtask' : {
-		if ($pg->userIsAdmin()) {
-			$pt=new ProjectTaskHTML($pg);
-			if (!$pt || !is_object($pt)) {
-				exit_error('Error','Could Not Get ProjectTask');
-			} elseif ($pt->isError()) {
-				exit_error('Error',$pt->getErrorMessage());
-			}
-			include $gfwww.'pm/add_task.php';
-		} else {
-			exit_permission_denied();
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
+
+		$pt=new ProjectTaskHTML($pg);
+		if (!$pt || !is_object($pt)) {
+			exit_error('Error','Could Not Get ProjectTask');
+		} elseif ($pt->isError()) {
+			exit_error('Error',$pt->getErrorMessage());
 		}
+		include $gfwww.'pm/add_task.php';
 		break;
 	}
 
@@ -96,44 +94,41 @@
 	//	Insert the task into the database
 	//
 	case 'postaddtask' : {
-		if ($pg->userIsAdmin()) {
-			
-			$add_artifact_id = getStringFromRequest('add_artifact_id');
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-			$pt = new ProjectTask($pg);
-			if (!$pt || !is_object($pt)) {
-				exit_error('Error','Could Not Get Empty ProjectTask');
-			} elseif ($pt->isError()) {
-				exit_error('Error',$pt->getErrorMessage());
-			}
-
-			$saved_hours = $hours;
-			$hours = (float) $hours;
-			if ( $saved_hours !== (string)$hours ) {
-				exit_error('Error', "Illegal format for hours: must be an integer or a float number.");
-			}
-
-			if (!$dependent_on)
-			{
-				$dependent_on=array();
-			}
-			$start_date=mktime($start_hour,$start_minute,0,$start_month,$start_day,$start_year);
-			$end_date=mktime($end_hour,$end_minute,0,$end_month,$end_day,$end_year);
-			
-			
-			if (!$pt->create($summary,$details,$priority,$hours,$start_date,$end_date,$category_id,$percent_complete,$assigned_to,$pt->convertDependentOn($dependent_on),$duration,$parent_id)) {
-				exit_error('ERROR',$pt->getErrorMessage());
-			} else {
-				if (count($add_artifact_id) > 0) {
-					if (!$pt->addRelatedArtifacts($add_artifact_id)) {
-						exit_error('ERROR','addRelatedArtifacts():: '.$pt->getErrorMessage());
-					}
+		$add_artifact_id = getStringFromRequest('add_artifact_id');
+		
+		$pt = new ProjectTask($pg);
+		if (!$pt || !is_object($pt)) {
+			exit_error('Error','Could Not Get Empty ProjectTask');
+		} elseif ($pt->isError()) {
+			exit_error('Error',$pt->getErrorMessage());
+		}
+		
+		$saved_hours = $hours;
+		$hours = (float) $hours;
+		if ( $saved_hours !== (string)$hours ) {
+			exit_error('Error', "Illegal format for hours: must be an integer or a float number.");
+		}
+		
+		if (!$dependent_on)
+		{
+			$dependent_on=array();
+		}
+		$start_date=mktime($start_hour,$start_minute,0,$start_month,$start_day,$start_year);
+		$end_date=mktime($end_hour,$end_minute,0,$end_month,$end_day,$end_year);
+		
+		
+		if (!$pt->create($summary,$details,$priority,$hours,$start_date,$end_date,$category_id,$percent_complete,$assigned_to,$pt->convertDependentOn($dependent_on),$duration,$parent_id)) {
+			exit_error('ERROR',$pt->getErrorMessage());
+		} else {
+			if (count($add_artifact_id) > 0) {
+				if (!$pt->addRelatedArtifacts($add_artifact_id)) {
+					exit_error('ERROR','addRelatedArtifacts():: '.$pt->getErrorMessage());
 				}
-				$feedback=_('Task Created Successfully');
-				include $gfwww.'pm/browse_task.php';
 			}
-		} else {
-			exit_permission_denied();
+			$feedback=_('Task Created Successfully');
+			include $gfwww.'pm/browse_task.php';
 		}
 		break;
 	}
@@ -142,45 +137,43 @@
 	//	Modify an existing task
 	//
 	case 'postmodtask' : {
-		if ($pg->userIsAdmin()) {
-			$rem_artifact_id = getStringFromRequest('rem_artifact_id');
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-			if(!$rem_artifact_id){
-				$rem_artifact_id=array();
-			}
+		$rem_artifact_id = getStringFromRequest('rem_artifact_id');
 		
-			$pt = new ProjectTask($pg,$project_task_id);
-			if (!$pt || !is_object($pt)) {
-				exit_error('Error','Could Not Get ProjectTask');
-			} elseif ($pt->isError()) {
-				exit_error('Error',$pt->getErrorMessage());
-			}
-
-			$saved_hours = $hours;
-			$hours = (float) $hours;
-			if ( $saved_hours !== (string)$hours ) {
-				exit_error('Error', "Illegal format for hours: must be an integer or a float number.");
-			}
-
-			if (!$dependent_on)	{
-				$dependent_on=array();
-			}
-			$start_date=mktime($start_hour,$start_minute,0,$start_month,$start_day,$start_year);
-			$end_date=mktime($end_hour,$end_minute,0,$end_month,$end_day,$end_year);
-			if (!$pt->update($summary,$details,$priority,$hours,$start_date,$end_date,
-				$status_id,$category_id,$percent_complete,$assigned_to,$pt->convertDependentOn($dependent_on),$new_group_project_id,$duration,$parent_id)) {
-				exit_error('ERROR','update():: '.$pt->getErrorMessage());
-			} else {
-				if (count($rem_artifact_id) > 0) {
-					if (!$pt->removeRelatedArtifacts($rem_artifact_id)) {
-						exit_error('ERROR','removeRelatedArtifacts():: '.$pt->getErrorMessage());
-					}
+		if(!$rem_artifact_id){
+			$rem_artifact_id=array();
+		}
+		
+		$pt = new ProjectTask($pg,$project_task_id);
+		if (!$pt || !is_object($pt)) {
+			exit_error('Error','Could Not Get ProjectTask');
+		} elseif ($pt->isError()) {
+			exit_error('Error',$pt->getErrorMessage());
+		}
+		
+		$saved_hours = $hours;
+		$hours = (float) $hours;
+		if ( $saved_hours !== (string)$hours ) {
+			exit_error('Error', "Illegal format for hours: must be an integer or a float number.");
+		}
+		
+		if (!$dependent_on)	{
+			$dependent_on=array();
+		}
+		$start_date=mktime($start_hour,$start_minute,0,$start_month,$start_day,$start_year);
+		$end_date=mktime($end_hour,$end_minute,0,$end_month,$end_day,$end_year);
+		if (!$pt->update($summary,$details,$priority,$hours,$start_date,$end_date,
+				 $status_id,$category_id,$percent_complete,$assigned_to,$pt->convertDependentOn($dependent_on),$new_group_project_id,$duration,$parent_id)) {
+			exit_error('ERROR','update():: '.$pt->getErrorMessage());
+		} else {
+			if (count($rem_artifact_id) > 0) {
+				if (!$pt->removeRelatedArtifacts($rem_artifact_id)) {
+					exit_error('ERROR','removeRelatedArtifacts():: '.$pt->getErrorMessage());
 				}
-				$feedback=_('Task Updated Successfully');
-				include $gfwww.'pm/browse_task.php';
 			}
-		} else {
-			exit_permission_denied();
+			$feedback=_('Task Updated Successfully');
+			include $gfwww.'pm/browse_task.php';
 		}
 		break;
 	}
@@ -196,35 +189,24 @@
 	}
 
 	case 'downloadcsv': {
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-		if ($pg->userIsAdmin()) {
-			include $gfwww.'pm/downloadcsv.php';
-			exit;
-		} else {
-			exit_permission_denied();
-		}
-
+		include $gfwww.'pm/downloadcsv.php';
+		exit;
 	}
 
 	case 'uploadcsv': {
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-		if ($pg->userIsAdmin()) {
-			include $gfwww.'pm/uploadcsv.php';
-			exit;
-		} else {
-			exit_permission_denied();
-		}
-
+		include $gfwww.'pm/uploadcsv.php';
+		exit;
 	}
 
 	case 'postuploadcsv': {
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-		if ($pg->userIsAdmin()) {
-			include $gfwww.'pm/postuploadcsv.php';
-			include $gfwww.'pm/browse_task.php';
-		} else {
-			exit_permission_denied();
-		}
+		include $gfwww.'pm/postuploadcsv.php';
+		include $gfwww.'pm/browse_task.php';
 		break;
 	}
 
@@ -232,90 +214,84 @@
 		$project_task_id_list = getArrayFromRequest('project_task_id_list');
 		$count=count($project_task_id_list);
 	
-		if ($pg->userIsAdmin()) {
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-			for ($i=0; $i < $count; $i++) {
-				$pt=new ProjectTask($pg,$project_task_id_list[$i]);
-				if (!$pt || !is_object($pt)) {
-					$feedback .= ' ID: '.$project_task_id_list[$i].'::ProjectTask Could Not Be Created';
-				} else if ($pt->isError()) {
-					$feedback .= ' ID: '.$project_task_id_list[$i].'::'.$pt->getErrorMessage();
-				} else {
+		for ($i=0; $i < $count; $i++) {
+			$pt=new ProjectTask($pg,$project_task_id_list[$i]);
+			if (!$pt || !is_object($pt)) {
+				$feedback .= ' ID: '.$project_task_id_list[$i].'::ProjectTask Could Not Be Created';
+			} else if ($pt->isError()) {
+				$feedback .= ' ID: '.$project_task_id_list[$i].'::'.$pt->getErrorMessage();
+			} else {
 
-					$mass_summary=addslashes(util_unconvert_htmlspecialchars($pt->getSummary()));
-					$mass_details='';
-					$mass_priority=(($priority != 100) ? $priority : $pt->getPriority());
-					$mass_hours=$pt->getHours();
-					$mass_start_date=$pt->getStartDate();
-					$mass_end_date=$pt->getEndDate();
-					$mass_status_id=(($status_id != 100) ? $status_id : $pt->getStatusID());
-					$mass_category_id=(($category_id != 100) ? $category_id : $pt->getCategoryID());
-					$mass_percent_complete=$pt->getPercentComplete();
+				$mass_summary=addslashes(util_unconvert_htmlspecialchars($pt->getSummary()));
+				$mass_details='';
+				$mass_priority=(($priority != 100) ? $priority : $pt->getPriority());
+				$mass_hours=$pt->getHours();
+				$mass_start_date=$pt->getStartDate();
+				$mass_end_date=$pt->getEndDate();
+				$mass_status_id=(($status_id != 100) ? $status_id : $pt->getStatusID());
+				$mass_category_id=(($category_id != 100) ? $category_id : $pt->getCategoryID());
+				$mass_percent_complete=$pt->getPercentComplete();
 
-					//yikes, we want the ability to mass-update to "un-assigned", which is the ID=100, which
-					//conflicts with the "no change" ID! Sorry for messy use of 100.1
-					// 100 means => no change
-					// 100.1 means non assigned
-					// other means assigned to ...
+				//yikes, we want the ability to mass-update to "un-assigned", which is the ID=100, which
+				//conflicts with the "no change" ID! Sorry for messy use of 100.1
+				// 100 means => no change
+				// 100.1 means non assigned
+				// other means assigned to ...
 
-					if ($assigned_to == '100') {
-					    $mass_assigned_to = $pt->getAssignedTo();
-					} else if ($assigned_to == '100.1') {
-					    $mass_assigned_to = array('100');
-					} else {
-						$mass_assigned_to = array($assigned_to);
-					}
+				if ($assigned_to == '100') {
+					$mass_assigned_to = $pt->getAssignedTo();
+				} else if ($assigned_to == '100.1') {
+					$mass_assigned_to = array('100');
+				} else {
+					$mass_assigned_to = array($assigned_to);
+				}
 
-					$mass_dependent_on=$pt->getDependentOn();
-					$mass_new_group_project_id=(($new_group_project_id != 100) ? $new_group_project_id : $pt->ProjectGroup->getID() );
-					$mass_duration=$pt->getDuration();
-					$mass_parent_id=$pt->getParentID();
+				$mass_dependent_on=$pt->getDependentOn();
+				$mass_new_group_project_id=(($new_group_project_id != 100) ? $new_group_project_id : $pt->ProjectGroup->getID() );
+				$mass_duration=$pt->getDuration();
+				$mass_parent_id=$pt->getParentID();
 
-					if (!$pt->update($mass_summary,$mass_details,$mass_priority,$mass_hours,$mass_start_date,$mass_end_date,
-						$mass_status_id,$mass_category_id,$mass_percent_complete,$mass_assigned_to,$mass_dependent_on,$mass_new_group_project_id,$mass_duration,$mass_parent_id)) {
-						$was_error=true;
-						$feedback .= ' ID: '.$project_task_id_list[$i].'::'.$pt->getErrorMessage();
+				if (!$pt->update($mass_summary,$mass_details,$mass_priority,$mass_hours,$mass_start_date,$mass_end_date,
+						 $mass_status_id,$mass_category_id,$mass_percent_complete,$mass_assigned_to,$mass_dependent_on,$mass_new_group_project_id,$mass_duration,$mass_parent_id)) {
+					$was_error=true;
+					$feedback .= ' ID: '.$project_task_id_list[$i].'::'.$pt->getErrorMessage();
 
-					}
-					unset($pt);
 				}
+				unset($pt);
 			}
-			if ($count == 0) {
-				$warning_msg = _('No task selected');
-			}
-			elseif (!$was_error) {
-				$feedback = _('Task Updated Successfully');
-			}
-			include $gfwww.'pm/browse_task.php';
-			break;
-		} else {
-			exit_permission_denied();
 		}
-
+		if ($count == 0) {
+			$warning_msg = _('No task selected');
+		}
+		elseif (!$was_error) {
+			$feedback = _('Task Updated Successfully');
+		}
+		include $gfwww.'pm/browse_task.php';
+		break;
 	}
 
 	//
 	//	Add an artifact relationship to an existing task
 	//
 	case 'addartifact' : {
-		if ($pg->userIsAdmin()) {
-			$add_artifact_id = getStringFromRequest('add_artifact_id');
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
 
-			$pt = new ProjectTask($pg,$project_task_id);
-			if (!$pt || !is_object($pt)) {
-				exit_error('Error','Could Not Get ProjectTask');
-			} elseif ($pt->isError()) {
-				exit_error('Error',$pt->getErrorMessage());
-			}
-			if (!$pt->addRelatedArtifacts($add_artifact_id)) {
-				exit_error('ERROR','addRelatedArtifacts():: '.$pt->getErrorMessage());
-			} else {
-				$feedback=_('Successfully Added Tracker Relationship');
-				include $gfwww.'pm/browse_task.php';
-
-			}
+		$add_artifact_id = getStringFromRequest('add_artifact_id');
+		
+		$pt = new ProjectTask($pg,$project_task_id);
+		if (!$pt || !is_object($pt)) {
+			exit_error('Error','Could Not Get ProjectTask');
+		} elseif ($pt->isError()) {
+			exit_error('Error',$pt->getErrorMessage());
+		}
+		if (!$pt->addRelatedArtifacts($add_artifact_id)) {
+			exit_error('ERROR','addRelatedArtifacts():: '.$pt->getErrorMessage());
 		} else {
-			exit_permission_denied();
+			$feedback=_('Successfully Added Tracker Relationship');
+			include $gfwww.'pm/browse_task.php';
+			
 		}
 		break;
 	}
@@ -324,17 +300,15 @@
 	//	Show delete form
 	//
 	case 'deletetask' : {
-		if ($pg->userIsAdmin()) {
-			$pt= new ProjectTask($pg,$project_task_id);
-			if (!$pt || !is_object($pt)) {
-				exit_error('Error','Could Not Get ProjectTask');
-			} elseif ($pt->isError()) {
-				exit_error('Error',$pt->getErrorMessage());
-			}
-			include $gfwww.'pm/deletetask.php';
-		} else {
-			exit_permission_denied();
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
+
+		$pt= new ProjectTask($pg,$project_task_id);
+		if (!$pt || !is_object($pt)) {
+			exit_error('Error','Could Not Get ProjectTask');
+		} elseif ($pt->isError()) {
+			exit_error('Error',$pt->getErrorMessage());
 		}
+		include $gfwww.'pm/deletetask.php';
 		break;
 	}
 
@@ -343,27 +317,25 @@
 	//
 
 	case 'postdeletetask' : {
-		if ($pg->userIsAdmin()) {
-			$pt= new ProjectTask($pg, $project_task_id);
-			if (!$pt || !is_object($pt)) {
-				exit_error('Error','Could Not Get ProjectTask');
-			} elseif ($pt->isError()) {
-				exit_error('Error', $pt->getErrorMessage());
-			}
-			if (!getStringFromRequest('confirm_delete')) {
-				$feedback .= _('Confirmation failed. Task not deleted');
+		session_require_perm ('pm', $pg->getID(), 'manager') ;
+
+		$pt= new ProjectTask($pg, $project_task_id);
+		if (!$pt || !is_object($pt)) {
+			exit_error('Error','Could Not Get ProjectTask');
+		} elseif ($pt->isError()) {
+			exit_error('Error', $pt->getErrorMessage());
+		}
+		if (!getStringFromRequest('confirm_delete')) {
+			$feedback .= _('Confirmation failed. Task not deleted');
+		} else {
+			$deletion = $pt->delete(true);
+			if (!$deletion) {
+				$feedback .= _('Delete failed') . ': '.$pt->getErrorMessage();
 			} else {
-				$deletion = $pt->delete(true);
-				if (!$deletion) {
-					$feedback .= _('Delete failed') . ': '.$pt->getErrorMessage();
-				} else {
-					$feedback .= _('Task Successfully Deleted');
-				}
+				$feedback .= _('Task Successfully Deleted');
 			}
-			include $gfwww.'pm/browse_task.php';
-		} else {
-			exit_permission_denied();
 		}
+		include $gfwww.'pm/browse_task.php';
 		break;
 	}
 
@@ -393,7 +365,7 @@
 		} elseif ($pt->isError()) {
 			exit_error('Error',$pt->getErrorMessage());
 		}
-		if (session_loggedin() && $pg->userIsAdmin()) {
+		if (forge_check_perm ('pm', $pg->getID(), 'manager')) {
 			include $gfwww.'pm/mod_task.php';
 		} else {
 			include $gfwww.'pm/detail_task.php';

Modified: trunk/gforge/www/tracker/add.php
===================================================================
--- trunk/gforge/www/tracker/add.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/add.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -58,7 +58,7 @@
 	
 	$ath->renderExtraFields(array(),true,'none',false,'Any','',false,'UPDATE');
 
-	if ($ath->userIsAdmin()) {
+	if (forge_check_perm ('tracker', $ath->getID(), 'manager')) {
 		echo '<tr>
 		<td><strong>'._('Assigned to').': <a href="javascript:help_window(\''.util_make_url ('/help/tracker.php?helpname=assignee').'\')"><strong>(?)</strong></a></strong><br />';
 		echo $ath->technicianBox ('assigned_to');

Modified: trunk/gforge/www/tracker/admin/ind.php
===================================================================
--- trunk/gforge/www/tracker/admin/ind.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/admin/ind.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -50,7 +50,7 @@
 	$arr =& $atf->getArtifactTypes();
 	$i=0;
 	for ($j = 0; $j < count($arr); $j++) {
-		if ($arr[$j]->userIsAdmin()) {
+		if (forge_check_perm ('tracker', $arr[$j]->getID(), 'manager')) {
 			$at_arr[$i++] =& $arr[$j];
 		}
 	}

Modified: trunk/gforge/www/tracker/admin/index.php
===================================================================
--- trunk/gforge/www/tracker/admin/index.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/admin/index.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -40,9 +40,8 @@
 //		UPDATING A PARTICULAR ARTIFACT TYPE
 //
 
-	if (!forge_check_perm ('tracker_admin', $group_id)) {
-		exit_permission_denied();
-	}
+	session_require_perm ('tracker_admin', $group_id) ;
+
 	//
 	//  Create the ArtifactType object
 	//
@@ -53,9 +52,6 @@
 	if ($ath->isError()) {
 		exit_error(_('Error').'',$ath->getErrorMessage());
 	}
-	if (!$ath->userIsAdmin()) {
-		exit_permission_denied();
-	}
 
 	$next = '';
 	if (getStringFromRequest('post_changes') ||

Modified: trunk/gforge/www/tracker/browse.php
===================================================================
--- trunk/gforge/www/tracker/browse.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/browse.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -421,7 +421,7 @@
 	}
 
 
-	$IS_ADMIN=$ath->userIsAdmin();
+	$IS_ADMIN = forge_check_perm ('tracker', $ath->getID(), 'manager') ;
 
 	if ($IS_ADMIN) {
 		echo '

Modified: trunk/gforge/www/tracker/include/ArtifactTypeHtml.class.php
===================================================================
--- trunk/gforge/www/tracker/include/ArtifactTypeHtml.class.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/include/ArtifactTypeHtml.class.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -65,7 +65,7 @@
  				$links[]  = '/tracker/?group_id='.$group_id.'&amp;atid='. $this->getID().'&amp;func=monitor&amp;start=1';
   			}
 
-			if ($this->userIsAdmin()) {
+			if (forge_check_perm ('tracker', $ath->getID(), 'manager')) {
 				$labels[] = _('Admin');
 				$links[]  = '/tracker/admin/?group_id='.$group_id.'&amp;atid='.$this->getID();
 			}

Modified: trunk/gforge/www/tracker/query.php
===================================================================
--- trunk/gforge/www/tracker/query.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/query.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -263,7 +263,7 @@
 	<tr class="tablecontent">
 		<td>';
 	if(db_numrows($res)>0) {
-		if ($query_type == 0 || ($query_type>0 && $ath->userIsAdmin())) {
+		if ($query_type == 0 || ($query_type>0 && forge_check_perm ('tracker', $ath->getID(), 'manager'))) {
 			$allow_update = true;
 			$checked[1] = '';
 			$checked[3] = ' checked="checked"';
@@ -293,7 +293,7 @@
 
 echo'
 <table width="100%" class="tablecontent">';
-if ($ath->userIsAdmin()) {
+if (forge_check_perm ('tracker', $ath->getID(), 'manager')) {
 	$default_query = db_result(db_query_params('"SELECT query_name FROM artifact_query WHERE query_type=2 AND group_artifact_id=$1',
 						   array ($ath->getID())),
 				   0,

Modified: trunk/gforge/www/tracker/tracker.php
===================================================================
--- trunk/gforge/www/tracker/tracker.php	2010-05-21 07:56:56 UTC (rev 9838)
+++ trunk/gforge/www/tracker/tracker.php	2010-05-21 07:57:14 UTC (rev 9839)
@@ -152,9 +152,7 @@
 
 		$count=count($artifact_id_list);
 
-		if (!$ath->userIsAdmin()) {
-			exit_permission_denied();
-		}
+		session_require_perm ('tracker', $ath->getID(), 'manager') ;
 
 		$artifact_type_id=$ath->getID();
 
@@ -456,18 +454,16 @@
 		//	Show delete form
 		//
 		case 'deleteartifact' : {
-			if ($ath->userIsAdmin()) {
-				$aid = getStringFromRequest('aid');
-				$ah= new ArtifactHtml($ath,$aid);
-				if (!$ah || !is_object($ah)) {
-					exit_error('ERROR','Artifact Could Not Be Created');
-				} elseif ($ah->isError()) {
-					exit_error('ERROR',$ah->getErrorMessage());
-				}
-				include $gfwww.'tracker/deleteartifact.php';
-			} else {
-				exit_permission_denied();
+			session_require_perm ('tracker', $ath->getID(), 'manager') ;
+
+			$aid = getStringFromRequest('aid');
+			$ah= new ArtifactHtml($ath,$aid);
+			if (!$ah || !is_object($ah)) {
+				exit_error('ERROR','Artifact Could Not Be Created');
+			} elseif ($ah->isError()) {
+				exit_error('ERROR',$ah->getErrorMessage());
 			}
+			include $gfwww.'tracker/deleteartifact.php';
 			break;
 		}
 
@@ -479,28 +475,26 @@
 			if (!form_key_is_valid(getStringFromRequest('form_key'))) {
 				exit_form_double_submit();
 			}
-			if ($ath->userIsAdmin()) {
-				$aid = getStringFromRequest('aid');
-				$ah= new ArtifactHtml($ath,$aid);
-				if (!$ah || !is_object($ah)) {
-					exit_error('ERROR','Artifact Could Not Be Created');
-				} elseif ($ah->isError()) {
-					exit_error('ERROR',$ah->getErrorMessage());
+			session_require_perm ('tracker', $ath->getID(), 'manager') ;
+
+			$aid = getStringFromRequest('aid');
+			$ah= new ArtifactHtml($ath,$aid);
+			if (!$ah || !is_object($ah)) {
+				exit_error('ERROR','Artifact Could Not Be Created');
+			} elseif ($ah->isError()) {
+				exit_error('ERROR',$ah->getErrorMessage());
+			}
+			if (!getStringFromRequest('confirm_delete')) {
+				$feedback .= _('Confirmation failed. Artifact not deleted');
+			}
+			else {
+				if (!$ah->delete(true)) {
+					$feedback .= _('Artifact Delete Failed') . ': '.$ah->getErrorMessage();
+				} else {
+					$feedback .= _('Artifact Deleted Successfully');
 				}
-				if (!getStringFromRequest('confirm_delete')) {
-					$feedback .= _('Confirmation failed. Artifact not deleted');
-				}
-				else {
-					if (!$ah->delete(true)) {
-						$feedback .= _('Artifact Delete Failed') . ': '.$ah->getErrorMessage();
-					} else {
-						$feedback .= _('Artifact Deleted Successfully');
-					}
-				}
-				include $gfwww.'tracker/browse.php';
-			} else {
-				exit_permission_denied();
 			}
+			include $gfwww.'tracker/browse.php';
 			break;
 		}
 




More information about the Fusionforge-commits mailing list