[Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[18050] branches/3.0/lib/trackers/trackerlib.php

[<sy...@us...>]

Revision: 18050
          http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=18050&view=rev
Author:   sylvieg
Date:     2009-04-16 22:50:20 +0000 (Thu, 16 Apr 2009)

Log Message:
-----------
[FIX]perm: mod-tracker_comment->todo perm on item+numrows to be satisfied

Modified Paths:
--------------
    branches/3.0/lib/trackers/trackerlib.php

Modified: branches/3.0/lib/trackers/trackerlib.php
===================================================================
--- branches/3.0/lib/trackers/trackerlib.php	2009-04-16 20:39:14 UTC (rev 18049)
+++ branches/3.0/lib/trackers/trackerlib.php	2009-04-16 22:50:20 UTC (rev 18050)
@@ -333,6 +333,7 @@
 	}
 
 	function list_last_comments($trackerId = 0, $itemId = 0, $offset, $maxRecords) {
+		global $user;
 	    $mid = "1=1";
 	    $bindvars = array();
 
@@ -347,7 +348,10 @@
 		$query_cant = "select count(*) from `tiki_tracker_item_comments` t left join `tiki_tracker_items` a on t.`itemId`=a.`itemId` where $mid and a.`trackerId`=? order by t.`posted` desc";
 	    }
 	    else {
-		$query = "select * from `tiki_tracker_item_comments` where $mid order by `posted` desc";
+			if (!$this->user_has_perm_on_object($user, $trackerId, 'tracker', 'tiki_p_view_trackers') ) {
+				return array('cant'=>0);
+			}
+		$query = "select t.*, a.`trackerId` from `tiki_tracker_item_comments` t left join `tiki_tracker_items` a on t.`itemId`=a.`itemId` where $mid order by `posted` desc";
 		$query_cant = "select count(*) from `tiki_tracker_item_comments` where $mid";
 	    }
 	    $result = $this->query($query,$bindvars,$maxRecords,$offset);
@@ -355,6 +359,10 @@
 	    $ret = array();
 
 	    while ($res = $result->fetchRow()) {
+			if (!$trackerId && !$this->user_has_perm_on_object($user, $res['trackerId'], 'tracker', 'tiki_p_view_trackers') ) {
+				--$cant;
+				continue;
+			}
 		$res["parsed"] = nl2br($res["data"]);
 		$ret[] = $res;
 	    }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.