[Fusionforge-commits] r9897 - trunk/gforge/common/include
Roland Mas
lolando at libremir.placard.fr.eu.org
Fri May 21 18:49:39 CEST 2010
Author: lolando
Date: 2010-05-21 18:49:39 +0200 (Fri, 21 May 2010)
New Revision: 9897
Modified:
trunk/gforge/common/include/Group.class.php
Log:
Fixed removal of users from a project
Modified: trunk/gforge/common/include/Group.class.php
===================================================================
--- trunk/gforge/common/include/Group.class.php 2010-05-21 16:34:18 UTC (rev 9896)
+++ trunk/gforge/common/include/Group.class.php 2010-05-21 16:49:39 UTC (rev 9897)
@@ -1801,28 +1801,41 @@
function removeUser($user_id) {
global $SYS;
- if ($user_id==user_getid()) {
- //users can remove themselves
- //everyone else must be a project admin
- } else {
- $perm =& $this->getPermission ();
+ if ($user_id != user_getid()
+ || !forge_check_perm ('project_admin', $this->getID())) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+
+ db_begin();
- if (!$perm || !is_object($perm) || !$perm->isAdmin()) {
- $this->setPermissionDeniedError();
+ if (USE_PFO_RBAC) {
+ $user = user_get_object ($user_id) ;
+ $roles = RBACEngine::getInstance()->getAvailableRolesForUser ($user) ;
+ $found_role = NULL ;
+ foreach ($roles as $role) {
+ if ($role->getHomeProject() && $role->getHomeProject()->getID() == $this->getID()) {
+ $found_role = $role ;
+ break ;
+ }
+ }
+ if ($found_role == NULL) {
+ $this->setError(sprintf(_('ERROR: User not removed: %s')));
+ db_rollback();
return false;
}
+ $found_role->removeUser ($user) ;
+ } else {
+ $res = db_query_params ('DELETE FROM user_group WHERE group_id=$1 AND user_id=$2',
+ array ($this->getID(),
+ $user_id)) ;
+ if (!$res || db_affected_rows($res) < 1) {
+ $this->setError(sprintf(_('ERROR: User not removed: %s'),db_error()));
+ db_rollback();
+ return false;
+ }
}
-
- db_begin();
- $res = db_query_params ('DELETE FROM user_group WHERE group_id=$1 AND user_id=$2',
- array ($this->getID(),
- $user_id)) ;
- if (!$res || db_affected_rows($res) < 1) {
- $this->setError(sprintf(_('ERROR: User not removed: %s'),db_error()));
- db_rollback();
- return false;
- } else {
//
// reassign open artifacts to id=100
//
@@ -1891,7 +1904,7 @@
//audit trail
$this->addHistory('Removed User',$user_id);
- }
+
db_commit();
return true;
}
More information about the Fusionforge-commits
mailing list