From: <lph...@us...> - 2009-10-26 18:25:54
|
Revision: 22656 http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=22656&view=rev Author: lphuberdeau Date: 2009-10-26 18:25:45 +0000 (Mon, 26 Oct 2009) Log Message: ----------- [FIX] Preserve global rules when logged in as admin and use those rules when calculating permissions for a different user Modified Paths: -------------- trunk/lib/core/lib/Perms.php trunk/lib/setup/perms.php trunk/lib/tikilib.php Modified: trunk/lib/core/lib/Perms.php =================================================================== --- trunk/lib/core/lib/Perms.php 2009-10-26 18:17:02 UTC (rev 22655) +++ trunk/lib/core/lib/Perms.php 2009-10-26 18:25:45 UTC (rev 22656) @@ -101,19 +101,30 @@ * a resolver appropriate to the context requested. */ public static function get( array $context = array() ) { + if( self::$instance ) { + return self::$instance->getAccessor( $context ); + } else { + $accessor = new Perms_Accessor; + $accessor->setContext( $context ); + + return $accessor; + } + } + + public function getAccessor( array $context = array() ) { require_once 'lib/core/lib/Perms/Accessor.php'; $accessor = new Perms_Accessor; $accessor->setContext( $context ); if( self::$instance ) { - $accessor->setPrefix( self::$instance->prefix ); - $accessor->setGroups( self::$instance->groups ); + $accessor->setPrefix( $this->prefix ); + $accessor->setGroups( $this->groups ); - if( self::$instance->checkSequence ) { - $accessor->setCheckSequence( self::$instance->checkSequence ); + if( $this->checkSequence ) { + $accessor->setCheckSequence( $this->checkSequence ); } - if( $resolver = self::$instance->getResolver( $context ) ) { + if( $resolver = $this->getResolver( $context ) ) { $accessor->setResolver( $resolver ); } } Modified: trunk/lib/setup/perms.php =================================================================== --- trunk/lib/setup/perms.php 2009-10-26 18:17:02 UTC (rev 22655) +++ trunk/lib/setup/perms.php 2009-10-26 18:25:45 UTC (rev 22656) @@ -81,6 +81,9 @@ $perms->setResolverFactories( $factories ); Perms::set( $perms ); +global $globalPermRules; +$globalPermRules = $perms; + $globalperms = Perms::get(); if ($user && (($user == 'admin' && isset($_SESSION["groups_are_emulated"]) && $_SESSION["groups_are_emulated"] != "y") || $globalperms->admin ) ) { Modified: trunk/lib/tikilib.php =================================================================== --- trunk/lib/tikilib.php 2009-10-26 18:17:02 UTC (rev 22655) +++ trunk/lib/tikilib.php 2009-10-26 18:25:45 UTC (rev 22656) @@ -4146,13 +4146,19 @@ // - category permission // if O.K. this function shall replace similar constructs in list_pages and other functions above. // $categperm is the category permission that should grant $perm. if none, pass 0 - function user_has_perm_on_object($user,$object,$objtype,$perm,$categperm='tiki_p_view_categorized') { - global $userlib; - $groups = $userlib->get_user_groups( $user ); + function user_has_perm_on_object($toCheck,$object,$objtype,$perm,$categperm='tiki_p_view_categorized') { + global $userlib, $globalPermRules, $user; + $groups = $userlib->get_user_groups( $toCheck ); - $accessor = Perms::get( array( 'type' => $objtype, 'object' => $object ) ); - $accessor->setGroups( $groups ); + $context = array( 'type' => $objtype, 'object' => $object ); + if( $toCheck == $user ) { + $accessor = Perms::get( $context ); + } else { + $accessor = $globalPermRules->getAccessor( $context ); + $accessor->setGroups( $groups ); + } + return $accessor->$perm; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |