[Fusionforge-commits] r14737 - in trunk/src: common/include common/widget www/frs www/include www/news www/people www/people/admin www/survey/admin www/widgets

Thorsten Glaser mirabilos at fusionforge.org
Thu Nov 3 15:26:59 CET 2011


Author: mirabilos
Date: 2011-11-03 15:26:58 +0100 (Thu, 03 Nov 2011)
New Revision: 14737

Modified:
   trunk/src/common/include/User.class.php
   trunk/src/common/widget/Widget.class.php
   trunk/src/common/widget/WidgetLayoutManager.class.php
   trunk/src/common/widget/Widget_ProjectLatestDocuments.class.php
   trunk/src/common/widget/Widget_ProjectLatestFileReleases.class.php
   trunk/src/www/frs/index.php
   trunk/src/www/frs/shownotes.php
   trunk/src/www/include/user_profile.php
   trunk/src/www/news/submit.php
   trunk/src/www/people/admin/index.php
   trunk/src/www/people/createjob.php
   trunk/src/www/people/editjob.php
   trunk/src/www/survey/admin/index.php
   trunk/src/www/survey/admin/question.php
   trunk/src/www/survey/admin/show_questions.php
   trunk/src/www/survey/admin/show_results.php
   trunk/src/www/survey/admin/show_results_aggregate.php
   trunk/src/www/survey/admin/show_results_comments.php
   trunk/src/www/survey/admin/show_results_csv.php
   trunk/src/www/survey/admin/show_results_individual.php
   trunk/src/www/survey/admin/survey.php
   trunk/src/www/widgets/updatelayout.php
   trunk/src/www/widgets/widget.php
   trunk/src/www/widgets/widgets.php
Log:
Use RBAC (user_is_super_user does not exist in FF):

- Replace user_ismember(1[, 'A']) and user_is_super_user()
  with forge_check_global_perm('forge_admin')
- Replace user_ismember($group_id, 'A')
  with forge_check_perm('project_admin', $group_id)
- For now, keep user_ismember($group_id) alone, as we still implement it


Modified: trunk/src/common/include/User.class.php
===================================================================
--- trunk/src/common/include/User.class.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/common/include/User.class.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -1678,7 +1678,9 @@
 
 /**
  * user_ismember() - DEPRECATED; DO NOT USE! (TODO: document what should be used instead)
- *  May need to be replaced by forge_check_perm ('project_admin', $group_id) if checking for project admin
+ *  Replace user_ismember(1[, 'A']) with forge_check_global_perm('forge_admin')
+ *  Replace user_ismember($group_id, 'A') with forge_check_perm('project_admin', $group_id)
+ *  For now, keep user_ismember($group_id) alone
  * @param		int		The Group ID
  * @param		int		The Type
  * @deprecated
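Review bot: The summary line of this docblock still reads `(TODO: document what should be used instead)` although the three added lines now document exactly that, so the TODO is stale and should be dropped, e.g. `user_ismember() - DEPRECATED; DO NOT USE! See the replacements listed below.` The added line `For now, keep user_ismember($group_id) alone` would be easier to act on if it carried the reason given in the commit log ("as we still implement it"). The docblock and the function it documents continue outside the hunk.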

Modified: trunk/src/common/widget/Widget.class.php
===================================================================
--- trunk/src/common/widget/Widget.class.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/common/widget/Widget.class.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -227,10 +227,11 @@
 				$o = new Widget_MyWikiPage();
 				break;
 				case 'mysystemevent':
-				if (user_is_super_user()) { //This widget is only for super admin
-				$o = new Widget_MySystemEvent();
-				}
-				break;
+					// This widget is only for super admin
+					if (forge_check_global_perm('forge_admin')) {
+						$o = new Widget_MySystemEvent();
+					}
+					break;
 				case 'projectclassification':
 				$o = new Widget_ProjectClassification();
 				break;*/
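Review bot: The `*/` closing the last context line suggests this whole `switch` arm sits inside a block comment opened above the hunk, so the new `forge_check_global_perm('forge_admin')` guard would never execute and the restriction on `mysystemevent` is not exercised by this change. If that reading is right, a comment at the top of the disabled block, such as `// disabled; re-check the forge_admin guard before re-enabling`, would stop a later reader from treating it as a live access check. The re-indentation of this one arm also leaves it at a different depth from the neighbouring `case` bodies.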

Modified: trunk/src/common/widget/WidgetLayoutManager.class.php
===================================================================
--- trunk/src/common/widget/WidgetLayoutManager.class.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/common/widget/WidgetLayoutManager.class.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -118,7 +118,7 @@
 				}
 				break;
 			case self::OWNER_TYPE_GROUP:
-				if (UserManager::instance()->getCurrentUser()->is_super_user==true || user_ismember($request->get('group_id'), 'A')) { //Only project admin
+				if (UserManager::instance()->getCurrentUser()->is_super_user==true || forge_check_perm('project_admin', $request->get('group_id'))) { //Only project admin
 					$readonly = false;
 				}
 				break;
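Review bot: The first operand of this condition, `UserManager::instance()->getCurrentUser()->is_super_user==true`, is left unchanged although the commit log says the super-user concept does not exist in FusionForge and replaces it everywhere else. With a loose `==` on a property that may not be defined, the test most likely just evaluates to false, so a forge admin gets `$readonly = false` only when also a project admin; that fails closed, but it disagrees with the checks this commit puts in updatelayout.php and widgets.php. Suggested: `if (forge_check_global_perm('forge_admin') || forge_check_perm('project_admin', $request->get('group_id'))) { // forge admin or project admin`. The `group_id` is read straight from the request here, and whether it has been validated as an integer is not visible in the hunk.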

Modified: trunk/src/common/widget/Widget_ProjectLatestDocuments.class.php
===================================================================
--- trunk/src/common/widget/Widget_ProjectLatestDocuments.class.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/common/widget/Widget_ProjectLatestDocuments.class.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -53,7 +53,8 @@
 						AND stateid=$2',
 					array($group_id, '1'));
 
-		if (session_loggedin() && (user_ismember($group_id) || user_ismember(1,'A'))) {
+		if (session_loggedin() && (user_ismember($group_id) ||
+		    forge_check_global_perm('forge_admin'))) {
 			$qpa = db_construct_qpa($qpa, ' OR stateid=$1 OR stateid=$2 OR stateid=$3', array('3','4','5'));
 		}
 
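Review bot: The predicate `session_loggedin() && (user_ismember($group_id) || forge_check_global_perm('forge_admin'))` is now written out three times in this method: here, where it widens the query to states 3, 4 and 5, and again in the hunks at -67 and -95, where it decides whether the Status column is printed. Evaluating it once, `$show_all_states = session_loggedin() && (user_ismember($group_id) || forge_check_global_perm('forge_admin'));`, and testing `$show_all_states` in all three places keeps the data filter and the display from drifting apart when the membership half is later moved to RBAC. The enclosing method starts and ends outside the hunk.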
@@ -67,7 +68,8 @@
 			echo '<div class="warning">'._('This Project Has Not Published Any Documents').'</div>';
 		} else {
 			$tabletop = array(_('Date'), _('Filename'), _('Title'), _('Author'));
-			if (session_loggedin() && (user_ismember($group_id) || user_ismember(1,'A'))) {
+			if (session_loggedin() && (user_ismember($group_id) ||
+			    forge_check_global_perm('forge_admin'))) {
 				$tabletop[] = _('Status');
 			}
 			echo $HTML->listTableTop($tabletop, false, 'sortable_widget_docman_listfile', 'sortable');
@@ -95,7 +97,8 @@
 						<td >'
 							. make_user_link($user_name, $realname) .
 						'</td>';
-				if (session_loggedin() && (user_ismember($group_id) || user_ismember(1,'A'))) {
+				if (session_loggedin() && (user_ismember($group_id) ||
+				    forge_check_global_perm('forge_admin'))) {
 					echo	'<td>'
 							. $statename .
 						'</td>';

Modified: trunk/src/common/widget/Widget_ProjectLatestFileReleases.class.php
===================================================================
--- trunk/src/common/widget/Widget_ProjectLatestFileReleases.class.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/common/widget/Widget_ProjectLatestFileReleases.class.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -74,7 +74,7 @@
 		//
 		$public_required = 1;
 		if (session_loggedin() &&
-		    (user_ismember($group_id) || user_ismember(1,'A'))) {
+		    (user_ismember($group_id) || forge_check_global_perm('forge_admin'))) {
 			$public_required = 0 ;
 		}
 

Modified: trunk/src/www/frs/index.php
===================================================================
--- trunk/src/www/frs/index.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/frs/index.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -42,7 +42,7 @@
 //	Non-members can only see public packages
 //
 if (session_loggedin()) {
-	if (user_ismember($group_id) || user_ismember(1,'A')) {
+	if (user_ismember($group_id) || forge_check_global_perm('forge_admin')) {
 		$pub_sql='';
 	} else {
 		$pub_sql=' AND is_public=1 ';

Modified: trunk/src/www/frs/shownotes.php
===================================================================
--- trunk/src/www/frs/shownotes.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/frs/shownotes.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -46,7 +46,8 @@
 	//  Members of projects can see all packages
 	//  Non-members can only see public packages
 	if(!$is_public) {
-		if (!session_loggedin() || (!user_ismember($group_id) && !user_ismember(1,'A'))) {
+		if (!session_loggedin() || (!user_ismember($group_id) &&
+		    !forge_check_global_perm('forge_admin'))) {
 			exit_permission_denied();
 		}
 	}

Modified: trunk/src/www/include/user_profile.php
===================================================================
--- trunk/src/www/include/user_profile.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/include/user_profile.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -72,7 +72,7 @@
 	// description as a FusionForge Community member
 	//print '<div property ="dc:Identifier" content="'.$user_id.'">';
 	$user_id_html = '';
-	if (session_loggedin() && user_ismember(1)) {
+	if (session_loggedin() && forge_check_global_perm('forge_admin')) {
 		$user_id_html = util_make_link('/admin/useredit.php?user_id='.$user_id, $user_id);
 	} else {
 		$user_id_html = $user_id;

Modified: trunk/src/www/news/submit.php
===================================================================
--- trunk/src/www/news/submit.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/news/submit.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -69,7 +69,7 @@
 
 if (session_loggedin()) {
 
-	if (!user_ismember($group_id,'A')) {
+	if (!forge_check_perm('project_admin', $group_id)) {
 		exit_permission_denied(_('You cannot submit news for a project unless you are an admin on that project'),'home');
 	}
 

Modified: trunk/src/www/people/admin/index.php
===================================================================
--- trunk/src/www/people/admin/index.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/people/admin/index.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -34,7 +34,7 @@
 $group_id = getIntFromRequest('group_id');
 $job_id = getIntFromRequest('job_id');
 
-if (user_ismember(1,'A')) {
+if (forge_check_global_perm('forge_admin')) {
 
 	if (getStringFromRequest('post_changes')) {
 		/*

Modified: trunk/src/www/people/createjob.php
===================================================================
--- trunk/src/www/people/createjob.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/people/createjob.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -33,7 +33,7 @@
 
 $group_id = getIntFromRequest('group_id');
 
-if ($group_id && (user_ismember($group_id, 'A'))) {
+if ($group_id && (forge_check_perm('project_admin', $group_id))) {
 
 	project_admin_header(array());
 

Modified: trunk/src/www/people/editjob.php
===================================================================
--- trunk/src/www/people/editjob.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/people/editjob.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -33,7 +33,7 @@
 
 $group_id = getIntFromRequest('group_id');
 
-if ($group_id && (user_ismember($group_id, 'A'))) {
+if ($group_id && (forge_check_perm('project_admin', $group_id))) {
 	$title = getStringFromRequest('title');
 	$description = getStringFromRequest('description');
 	$category_id = getIntFromRequest('category_id');

Modified: trunk/src/www/survey/admin/index.php
===================================================================
--- trunk/src/www/survey/admin/index.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/index.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -48,7 +48,7 @@
 	exit_not_logged_in();
 }
 
-if ( !user_ismember($group_id,'A')) {
+if ( !forge_check_perm('project_admin', $group_id)) {
 	exit_permission_denied(_('You are not a Project admin'),'surveys');
 }
 

Modified: trunk/src/www/survey/admin/question.php
===================================================================
--- trunk/src/www/survey/admin/question.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/question.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -52,7 +52,7 @@
 $title = $question_id ? _('Edit a Question') : _('Add a Question');
 $sh->header(array('title'=>$title));
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
     echo '<div class="error">'._('Permission denied').'</div>';
     $sh->footer(array());
     exit;
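Review bot: The denial path here is hand-rolled: the page header has already been sent by `$sh->header(array('title'=>$title));` before the permission test runs, then an error `<div>` is echoed and the script exits, whereas survey/admin/index.php in this same commit calls `exit_permission_denied(_('You are not a Project admin'),'surveys');`. The same echo-and-exit denial is kept in show_questions.php, show_results.php, show_results_aggregate.php, show_results_comments.php, show_results_individual.php and survey.php, and in show_results_csv.php it prints an HTML fragment from what is presumably a CSV download. Moving the test above the header call and using `exit_not_logged_in();` / `exit_permission_denied(...)` as index.php does would give the survey admin area a single denial path. Whether the hand-rolled path sets an HTTP error status is not visible in these hunks.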

Modified: trunk/src/www/survey/admin/show_questions.php
===================================================================
--- trunk/src/www/survey/admin/show_questions.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/show_questions.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -31,7 +31,7 @@
 $survey_id = getIntFromRequest('survey_id');
 survey_header(array('title'=>_('Survey Questions')));
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
 	echo '<div class="error">'._('Permission denied').'</div>';
 	survey_footer(array());
 	exit;

Modified: trunk/src/www/survey/admin/show_results.php
===================================================================
--- trunk/src/www/survey/admin/show_results.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/show_results.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -55,7 +55,7 @@
 $title = _('Survey Results');
 $sh->header(array('title'=>$title));
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
 	echo '<p class="error">'._('Permission denied').'</p>';
 	$sh->footer(array());
 	exit;

Modified: trunk/src/www/survey/admin/show_results_aggregate.php
===================================================================
--- trunk/src/www/survey/admin/show_results_aggregate.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/show_results_aggregate.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -31,7 +31,7 @@
 $survey_id = getIntFromRequest('survey_id');
 survey_header(array('title'=>_('Survey Aggregate Results')));
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
 	echo '<div class="error">'._('Permission denied').'</div>';
 	survey_footer(array());
 	exit;

Modified: trunk/src/www/survey/admin/show_results_comments.php
===================================================================
--- trunk/src/www/survey/admin/show_results_comments.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/show_results_comments.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -32,7 +32,7 @@
 $question_id = getIntFromRequest('question_id');
 survey_header(array('title'=>'Survey Aggregate Results'));
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
 	echo '<div class="error">'._('Permission denied').'</div>';
 	survey_footer(array());
 	exit;

Modified: trunk/src/www/survey/admin/show_results_csv.php
===================================================================
--- trunk/src/www/survey/admin/show_results_csv.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/show_results_csv.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -29,7 +29,7 @@
 $group_id = getIntFromRequest('group_id');
 $survey_id = getIntFromRequest('survey_id');
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
         echo '<div class="error">'._('Permission denied').'</div>';
 	exit;
 }

Modified: trunk/src/www/survey/admin/show_results_individual.php
===================================================================
--- trunk/src/www/survey/admin/show_results_individual.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/show_results_individual.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -32,7 +32,7 @@
 $customer_id = getIntFromRequest('customer_id');
 survey_header(array('title'=>_('Results')));
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
         echo '<div class="error">'._('Permission denied').'</div>';
         survey_footer(array());
 	exit;

Modified: trunk/src/www/survey/admin/survey.php
===================================================================
--- trunk/src/www/survey/admin/survey.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/survey/admin/survey.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -48,7 +48,7 @@
 $sh = new  SurveyHtml();
 $s = new Survey($g, $survey_id);
 
-if (!session_loggedin() || !user_ismember($group_id,'A')) {
+if (!session_loggedin() || !forge_check_perm('project_admin', $group_id)) {
 	$sh->header(array());
 	echo '<div class="error">' . _('Permission denied') . '</div>';
 	$sh->footer(array());

Modified: trunk/src/www/widgets/updatelayout.php
===================================================================
--- trunk/src/www/widgets/updatelayout.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/widgets/updatelayout.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -49,7 +49,8 @@
                 $_REQUEST['group_id'] = $_GET['group_id'] = $group_id;
                 $request->params['group_id'] = $group_id; //bad!
                 $redirect = '/projects/'. $project->getUnixName().'/';
-                if (!user_ismember($group_id, 'A') && !user_is_super_user()) {
+		if (!forge_check_perm('project_admin', $group_id) &&
+		    !forge_check_global_perm('forge_admin')) {
                     $GLOBALS['Response']->redirect($redirect);
                 }
                 $good = true;
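Review bot: When the permission test fails, the only action taken is `$GLOBALS['Response']->redirect($redirect);`, and the next statement, `$good = true;`, sits outside the `if`. Unless `redirect()` terminates the request (its body is not visible here), an unauthorised caller falls through with `$good` set and the layout update presumably proceeds. Making the stop explicit removes that dependency: add `exit;` directly after the redirect, or move `$good = true;` into an `else` branch. The two added lines are tab-indented while the surrounding block uses spaces.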

Modified: trunk/src/www/widgets/widget.php
===================================================================
--- trunk/src/www/widgets/widget.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/widgets/widget.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -71,7 +71,9 @@
                             break;
                         case 'update':
                             if ($layout_id = (int)$request->get('layout_id')) {
-                                if ($owner_type == WidgetLayoutManager::OWNER_TYPE_USER || user_ismember($group_id, 'A') || user_is_super_user()) {
+                                if ($owner_type == WidgetLayoutManager::OWNER_TYPE_USER ||
+				    forge_check_perm('project_admin', $group_id) ||
+				    forge_check_global_perm('forge_admin')) {
                                     if ($request->get('cancel') || $widget->updatePreferences($request)) {
                                         $lm->hideWidgetPreferences($owner_id, $owner_type, $layout_id, $name, $instance_id);
                                     }
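Review bot: `$owner_type == WidgetLayoutManager::OWNER_TYPE_USER` short-circuits the whole condition, so for user-owned layouts neither permission call runs and nothing in this hunk ties `$owner_id` to the logged-in user. That check may well exist above the hunk; if it does, a comment on this line such as `// user-owned: $owner_id was verified against the session user above` would make the reliance visible, and if it does not, it belongs here before `$widget->updatePreferences($request)` is reached. `$group_id` is only meaningful for group-owned layouts, so it is worth confirming that `forge_check_perm('project_admin', $group_id)` returns false when it is unset or 0. The `case 'update'` arm continues outside the hunk.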

Modified: trunk/src/www/widgets/widgets.php
===================================================================
--- trunk/src/www/widgets/widgets.php	2011-10-31 14:16:50 UTC (rev 14736)
+++ trunk/src/www/widgets/widgets.php	2011-11-03 14:26:58 UTC (rev 14737)
@@ -64,7 +64,8 @@
 					$group_id = $owner_id;
 					$_REQUEST['group_id'] = $_GET['group_id'] = $group_id;
 					$request->params['group_id'] = $group_id; //bad!
-					if (user_ismember($group_id, 'A') || user_is_super_user()) {
+					if (forge_check_perm('project_admin', $group_id) ||
+					    forge_check_global_perm('forge_admin')) {
 						if (HTTPRequest::instance()->get('update') == 'layout') {
 							$title = _("Customize layout");
 						} else {



