[Fusionforge-commits] FusionForge branch Branch_5_3 updated. 6e74d197024b888de299043999ec2034114561ce

Franck Villaume nerville at fusionforge.org
Thu Aug 21 14:12:42 CEST 2014


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".

The branch, Branch_5_3 has been updated
       via  6e74d197024b888de299043999ec2034114561ce (commit)
      from  b1162df369dc93fbdab227a9320289f5038b84b8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6e74d197024b888de299043999ec2034114561ce
Author: Franck Villaume <franck.villaume at trivialdev.com>
Date:   Thu Aug 21 14:10:51 2014 +0200

    fix [#711]: Project members list public even if project is private

diff --git a/src/CHANGES b/src/CHANGES
index a9bcdc1..5f443d4 100644
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -2,6 +2,7 @@ Fusionforge-5.3.2:
 * Software map: fix "value too long for type character varying(255)" error in cron db_trove_maint.php (Inria)
 * Projects: fix Project name with html [#687] (TrivialDev)
 * Projects: don't display admins if their account is suspended (Inria)
+* Projects: member lists should check permission [#711] (TrivialDev)
 * Admin: fix edit table themes, fix frs_processor sequence [#691] (TrivialDev)
 * SCM Git: suppress 'warning: You appear to have cloned an empty repository.' in create_scm_repos.php (Inria)
 * User SSH keys (ssh_create.php): fix harmless warning when user removes all her keys (Inria)
@@ -78,7 +79,7 @@ Plugins:
 * webanalytics: new plugin to add support for piwik or google analytics tool (TrivialDev)
 * scmhook: Support added for pre-revprop-changehooks to change properties (Alcatel-Lucent)
 * scmhook: Add commitEmail support for scmhg plugin (TrivialDev)
-* new admssw plugin to provide ADMS.SW compatible RDF descriptions of projects 
+* new admssw plugin to provide ADMS.SW compatible RDF descriptions of projects
 * blocks: improved with a new HTML widget for the project summary page (Alcatel-Lucent)
 * svntracker : this plugin is superseed by scmhook
 * svncommitemail : this plugin is superseed by scmhook
@@ -104,7 +105,7 @@ FusionForge-5.2:
 * Trackers: New view to display roadmaps view for trackers (Alcatel-Lucent)
 * scmsvn: private project can now be browsed with viewvc using user rights management (TrivialDev).
 * scmsvn: basic activity support (TrivialDev).
-* New doaprdf and foafprofiles plugins which provide RDF descriptions of projects and 
+* New doaprdf and foafprofiles plugins which provide RDF descriptions of projects and
   people (Institut Telecom via COCLICO project)
 
 
@@ -113,7 +114,7 @@ FusionForge-5.1:
 * Docman: new UI (Capgemini)
 * Docman: extract documents and directories as zip archive (Capgemini)
 * Docman: rebirth of URL and online creation documents (better with
-  HTML editor) (Capgemini) 
+  HTML editor) (Capgemini)
 * Docman: new reservation document feature (Capgemini)
 * HTML Editor: available in task PM (Capgemini)
 * Trackers: New progress bar to view completion state (when custom
@@ -203,13 +204,13 @@ FusionForge-5.0:
 * Trackers: The values for 'select box' custom fields can now be reordered (Alcatel-Lucent)
 * Trackers: A workflow on the status field (when overwritten) can be set. Allowed
   transition between values can be defined and allowed per roles (Alcatel-Lucent)
-* Trackers: A new type of extra field has been added: Relation between artifact. 
+* Trackers: A new type of extra field has been added: Relation between artifact.
   This type allow to create a relation between artifacts. Backwards relation can
   also be visible (Alcatel-Lucent)
 * Trackers: Dynamic links added, expressions like [#NNN],[TNNN] are now rendered as
   links for description and comments (Alcatel-Lucent).
 * Trackers: Search improved to allow searching in text fields (Alcatel-Lucent).
-* Trackers: New system to share a search query. Shared queries can be represented 
+* Trackers: New system to share a search query. Shared queries can be represented
   as an URL or bookmarked. It is also possible to define one query as the default
   one (Alcatel-Lucent)
 * Trackers: Custom fields are now preserved (if same name and value) when moving an
diff --git a/src/www/project/memberlist.php b/src/www/project/memberlist.php
index cca6e48..6ea6dd7 100644
--- a/src/www/project/memberlist.php
+++ b/src/www/project/memberlist.php
@@ -4,6 +4,7 @@
  *
  * Copyright 1999-2001 (c) VA Linux Systems
  * Copyright 2002-2004 (c) GForge Team
+ * Copyright 2014, Franck Villaume - TrivialDev
  * http://fusionforge.org/
  *
  * This file is part of FusionForge. FusionForge is free software;
@@ -32,6 +33,8 @@ if (!$group_id && $form_grp) {
 	$group_id = $form_grp;
 }
 
+session_require_perm($group_id, 'project_read');
+
 site_project_header(array('title'=>_('Project Member List'),'group'=>$group_id,'toptab'=>'memberlist'));
 
 echo '<p>' . _('If you would like to contribute to this project by becoming a member, contact one of the project admins, designated in bold text below.') . '</p>';

-----------------------------------------------------------------------

Summary of changes:
 src/CHANGES                    |   11 ++++++-----
 src/www/project/memberlist.php |    3 +++
 2 files changed, 9 insertions(+), 5 deletions(-)


hooks/post-receive
-- 
FusionForge



More information about the Fusionforge-commits mailing list