Menu
▾
▴
[Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[22656] trunk/lib
|
From: <lph...@us...> - 2009-10-26 18:25:54
|
Revision: 22656
http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=22656&view=rev
Author: lphuberdeau
Date: 2009-10-26 18:25:45 +0000 (Mon, 26 Oct 2009)
Log Message:
-----------
[FIX] Preserve global rules when logged in as admin and use those rules when calculating permissions for a different user
Modified Paths:
--------------
trunk/lib/core/lib/Perms.php
trunk/lib/setup/perms.php
trunk/lib/tikilib.php
Modified: trunk/lib/core/lib/Perms.php
===================================================================
--- trunk/lib/core/lib/Perms.php 2009-10-26 18:17:02 UTC (rev 22655)
+++ trunk/lib/core/lib/Perms.php 2009-10-26 18:25:45 UTC (rev 22656)
@@ -101,19 +101,30 @@
* a resolver appropriate to the context requested.
*/
public static function get( array $context = array() ) {
+ if( self::$instance ) {
+ return self::$instance->getAccessor( $context );
+ } else {
+ $accessor = new Perms_Accessor;
+ $accessor->setContext( $context );
+
+ return $accessor;
+ }
+ }
+
+ public function getAccessor( array $context = array() ) {
require_once 'lib/core/lib/Perms/Accessor.php';
$accessor = new Perms_Accessor;
$accessor->setContext( $context );
if( self::$instance ) {
- $accessor->setPrefix( self::$instance->prefix );
- $accessor->setGroups( self::$instance->groups );
+ $accessor->setPrefix( $this->prefix );
+ $accessor->setGroups( $this->groups );
- if( self::$instance->checkSequence ) {
- $accessor->setCheckSequence( self::$instance->checkSequence );
+ if( $this->checkSequence ) {
+ $accessor->setCheckSequence( $this->checkSequence );
}
- if( $resolver = self::$instance->getResolver( $context ) ) {
+ if( $resolver = $this->getResolver( $context ) ) {
$accessor->setResolver( $resolver );
}
}
Modified: trunk/lib/setup/perms.php
===================================================================
--- trunk/lib/setup/perms.php 2009-10-26 18:17:02 UTC (rev 22655)
+++ trunk/lib/setup/perms.php 2009-10-26 18:25:45 UTC (rev 22656)
@@ -81,6 +81,9 @@
$perms->setResolverFactories( $factories );
Perms::set( $perms );
+global $globalPermRules;
+$globalPermRules = $perms;
+
$globalperms = Perms::get();
if ($user && (($user == 'admin' && isset($_SESSION["groups_are_emulated"]) && $_SESSION["groups_are_emulated"] != "y") || $globalperms->admin ) ) {
Modified: trunk/lib/tikilib.php
===================================================================
--- trunk/lib/tikilib.php 2009-10-26 18:17:02 UTC (rev 22655)
+++ trunk/lib/tikilib.php 2009-10-26 18:25:45 UTC (rev 22656)
@@ -4146,13 +4146,19 @@
// - category permission
// if O.K. this function shall replace similar constructs in list_pages and other functions above.
// $categperm is the category permission that should grant $perm. if none, pass 0
- function user_has_perm_on_object($user,$object,$objtype,$perm,$categperm='tiki_p_view_categorized') {
- global $userlib;
- $groups = $userlib->get_user_groups( $user );
+ function user_has_perm_on_object($toCheck,$object,$objtype,$perm,$categperm='tiki_p_view_categorized') {
+ global $userlib, $globalPermRules, $user;
+ $groups = $userlib->get_user_groups( $toCheck );
- $accessor = Perms::get( array( 'type' => $objtype, 'object' => $object ) );
- $accessor->setGroups( $groups );
+ $context = array( 'type' => $objtype, 'object' => $object );
+ if( $toCheck == $user ) {
+ $accessor = Perms::get( $context );
+ } else {
+ $accessor = $globalPermRules->getAccessor( $context );
+ $accessor->setGroups( $groups );
+ }
+
return $accessor->$perm;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|