From: <tr...@us...> - 2003-02-15 11:29:10
Update of /cvsroot/basedb/basedb/include/classes In directory sc8-pr-cvs1:/tmp/cvs-serv20384/include/classes Modified Files: item.inc.php news.inc.php raw.inc.php reporterlist.inc.php user.inc.php Log Message: Fixed problems that were found while running as non-superuser Index: item.inc.php =================================================================== RCS file: /cvsroot/basedb/basedb/include/classes/item.inc.php,v retrieving revision 1.21 retrieving revision 1.22 diff -C2 -d -r1.21 -r1.22 *** item.inc.php 2 Feb 2003 15:31:51 -0000 1.21 --- item.inc.php 15 Feb 2003 11:29:06 -0000 1.22 *************** *** 303,311 **** } ! // Returns an array with (name,removed,owner), plus // gid,groupAccess,worldAccess if $sharing is true. function getBasicFromId($type, $id, $sharing = true) { ! $query = "SELECT name, removed, owner". ($sharing ? ", gid, `groupAccess`, `worldAccess`" : ""). " FROM $type WHERE id = ".(int)$id; --- 303,311 ---- } ! // Returns an array with (id,name,removed,owner), plus // gid,groupAccess,worldAccess if $sharing is true. function getBasicFromId($type, $id, $sharing = true) { ! $query = "SELECT id, name, removed, owner". ($sharing ? ", gid, `groupAccess`, `worldAccess`" : ""). " FROM $type WHERE id = ".(int)$id; Index: news.inc.php =================================================================== RCS file: /cvsroot/basedb/basedb/include/classes/news.inc.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** news.inc.php 30 Dec 2002 22:09:16 -0000 1.6 --- news.inc.php 15 Feb 2003 11:29:07 -0000 1.7 *************** *** 74,78 **** $query = "SELECT COUNT(*) FROM News n ". ! "WHERE ".db_true()." ".$search->getWhere(); $res = query($query); if($row =& db_fetch_row($res)) $cnt = $row[0]; --- 74,79 ---- $query = "SELECT COUNT(*) FROM News n ". ! "WHERE ".Item::whereRemoved("n", 0)." ". ! 
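Review bot: In item.inc.php, `getBasicFromId` still splices `$type` straight into the statement as the table name (`" FROM $type WHERE id = "`), while only `$id` is constrained by the `(int)` cast. The callers are not visible in this hunk, so if any of them can pass something other than a fixed table name, check it against an allow-list before building the query, e.g. `if(!in_array($type, $knownTables, true)) return false;`, where `$knownTables` is a placeholder for the project's own list of item tables. Inserting `id` as the first selected column also shifts every later position, so any caller that reads the row by numeric index (presumably including the owner and sharing fields used for access decisions) needs to be checked. The function body continues outside the hunk.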
$search->getWhere(); $res = query($query); if($row =& db_fetch_row($res)) $cnt = $row[0]; *************** *** 92,96 **** $query = "SELECT n.*, ug.`name` AS `userName` ". "FROM News n, UserGroup ug ". ! "WHERE n.owner = ug.id"; $search->getWhere()." $ob ".$search->makeLimit(); --- 93,98 ---- $query = "SELECT n.*, ug.`name` AS `userName` ". "FROM News n, UserGroup ug ". ! "WHERE n.owner = ug.id ". ! Item::whereRemovedAnd("n", 0)." ". $search->getWhere()." $ob ".$search->makeLimit(); Index: raw.inc.php =================================================================== RCS file: /cvsroot/basedb/basedb/include/classes/raw.inc.php,v retrieving revision 1.27 retrieving revision 1.28 diff -C2 -d -r1.27 -r1.28 *** raw.inc.php 3 Feb 2003 20:13:18 -0000 1.27 --- raw.inc.php 15 Feb 2003 11:29:07 -0000 1.28 *************** *** 346,349 **** --- 346,350 ---- $search->makeWhere($fields); $search->addExtraWhere(Item::whereRemoved("r", $removed)); + $search->addExtraWhere(Item::whereShared("r", $user)); if($expid) { Index: reporterlist.inc.php =================================================================== RCS file: /cvsroot/basedb/basedb/include/classes/reporterlist.inc.php,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** reporterlist.inc.php 30 Jan 2003 16:45:21 -0000 1.11 --- reporterlist.inc.php 15 Feb 2003 11:29:07 -0000 1.12 *************** *** 389,393 **** } ! } --- 389,396 ---- } ! function isShared($user, $write = 0) ! { ! return Experiment::isSharedId($this->experiment, $user, $write); ! } } Index: user.inc.php =================================================================== RCS file: /cvsroot/basedb/basedb/include/classes/user.inc.php,v retrieving revision 1.24 retrieving revision 1.25 diff -C2 -d -r1.24 -r1.25 *** user.inc.php 4 Feb 2003 18:28:59 -0000 1.24 --- user.inc.php 15 Feb 2003 11:29:07 -0000 1.25 *************** *** 248,252 **** } ! // Superusers can edit anyone, but cannot be edited by normal user admins. 
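Review bot: In the second news.inc.php hunk, dropping the stray `;` after `"WHERE n.owner = ug.id"` means `$search->getWhere()`, `$ob` and `$search->makeLimit()` are now part of the executed query, where the old code evaluated them as a separate statement with no effect. Neither `$ob` nor the search object is built in this hunk, so confirm that the ORDER BY fragment is picked from a fixed set of column names and that the search terms are escaped before they reach `query()`. A comment above the statement such as `// $ob must come from a fixed column list, never from raw request data` would record that requirement. The count query in the first hunk has no `UserGroup` join, so its total can presumably exceed the number of rows the list query returns when an owner has no matching group row.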
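Review bot: The new `isShared` in reporterlist.inc.php passes `$this->experiment` to `Experiment::isSharedId` without checking that it is set, so the access decision for a list with no experiment depends entirely on how `isSharedId` treats an empty or zero id, which is not visible here. If a reporter list can exist without an experiment, make that case explicit before delegating, for example `if(!$this->experiment) return false;`, or whichever default the project intends. A one-line comment such as `// Access to a reporter list follows the sharing settings of its experiment` would document why the check is delegated.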
function mayEdit(&$user) { --- 248,252 ---- } ! /* // Superusers can edit anyone, but cannot be edited by normal user admins. function mayEdit(&$user) { *************** *** 262,265 **** --- 262,278 ---- { return $this->mayEdit($user); + }*/ + + // Superusers can edit anyone, but cannot be edited by normal user admins. + function isShared($user, $write = 0) + { + $acc = (int)$write; + if(!$acc) + { + return $user->access($this->globalRead()); + } + return $user->access(BUA_SUPERUSER) || + $user->access($this->globalEdit()) && + !$this->access(BUA_SUPERUSER); } } |
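Review bot: The write branch of the new `isShared` in user.inc.php relies on `&&` binding tighter than `||`, so it evaluates as superuser OR (global edit AND target is not a superuser); in an authorization check that grouping should be spelled out: `return $user->access(BUA_SUPERUSER) || ($user->access($this->globalEdit()) && !$this->access(BUA_SUPERUSER));`. The comment above the function describes only this branch, so the read branch deserves its own line, e.g. `// Read access needs only the global read right`. The previous `mayEdit` and the function after it are left inside a `/* ... */` block that spans both user.inc.php hunks. Since CVS keeps the history, deleting them avoids stale access rules sitting next to the live ones, and any remaining callers of `mayEdit` outside this diff need to be moved to `isShared`.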