[Fusionforge-commits] r11135 - trunk/src/www/tracker/admin
Roland Mas
lolando at libremir.placard.fr.eu.org
Fri Oct 22 14:19:55 CEST 2010
Author: lolando
Date: 2010-10-22 14:19:55 +0200 (Fri, 22 Oct 2010)
New Revision: 11135
Modified:
trunk/src/www/tracker/admin/form-extrafieldcopy.php
Log:
Use RBAC API rather than accessing the user_group table
Modified: trunk/src/www/tracker/admin/form-extrafieldcopy.php
===================================================================
--- trunk/src/www/tracker/admin/form-extrafieldcopy.php 2010-10-22 12:13:18 UTC (rev 11134)
+++ trunk/src/www/tracker/admin/form-extrafieldcopy.php 2010-10-22 12:19:55 UTC (rev 11135)
@@ -30,24 +30,24 @@
// Get a list of all extra fields in trackers and groups that you have perms to admin
+$project_ids = array () ;
+foreach (session_getuser()->getGroups() as $p) {
+ if (forge_check_perm ('tracker_admin', $p->getID())) {
+ $project_ids[] = $p->getID() ;
+ }
+}
+
$res = db_query_params ('SELECT g.unix_group_name, agl.name AS tracker_name, aefl.field_name, aefl.extra_field_id
FROM groups g,
artifact_group_list agl,
- artifact_extra_field_list aefl,
- user_group ug,
- artifact_perm ap
- WHERE
- (ug.admin_flags=$1 OR ug.artifact_flags=2 OR ap.perm_level>=2)
- AND ug.user_id=$2
- AND ug.group_id=g.group_id
+ artifact_extra_field_list aefl
+ WHERE g.group_id=ANY($1)
AND g.group_id=agl.group_id
AND agl.group_artifact_id=ap.group_artifact_id
- AND ap.user_id=$2
AND aefl.group_artifact_id=agl.group_artifact_id
- AND aefl.extra_field_id != $3
+ AND aefl.extra_field_id != $2
AND aefl.field_type IN (1,2,3,5,7)',
- array ('A',
- user_getid(),
+ array (db_int_array_to_any_clause ($project_ids),
$id));
if (db_numrows($res) < 1) {
exit_error(_('Cannot find a destination tracker where you have administration rights.'),'tracker');
More information about the Fusionforge-commits
mailing list