Commit 2414b84917ce6d41a8056f167ed73162b2b2293e
1 parent
dbc76c6e
#2978 only allow the creation/editing of a sys admin group if you are a system administrator
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@2759 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
20 additions
and
8 deletions
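--- a/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/editGroupUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/editGroupUI.inc
@@ -32,11 +32,21 @@ function getCreatePage($iGroupID) {
 $oGroup = null;
 
 $sQuery = "SELECT * FROM $default->groups_table WHERE id = $iGroupID";
-$aDisplayColumns = array("name","is_sys_admin","is_unit_admin");
-$aStoreColumns = array("name","is_sys_admin","is_unit_admin");
-$aColumnNames = array("Name:","System admin:", "Unit admin:");
-$aDisplayColumnTypes = array(1,2,2);
-$aDatabaseColumnTypes = array(1,2,2);
+// #2978 if you're not a system administrator, you can't add a sys admin group
+// FIXME: there must be a more elegant way to do this? possibly some exclusions to the pattern
+if (Permission::userIsSystemAdministrator()) {
+$aDisplayColumns = array("name","is_sys_admin","is_unit_admin");
+$aStoreColumns = array("name","is_sys_admin","is_unit_admin");
+$aColumnNames = array("Name:","System admin:", "Unit admin:");
+$aDisplayColumnTypes = array(1,2,2);
+$aDatabaseColumnTypes = array(1,2,2);
+} else {
+$aDisplayColumns = array("name","is_unit_admin");
+$aStoreColumns = array("name","is_unit_admin");
+$aColumnNames = array("Name:","Unit admin:");
+$aDisplayColumnTypes = array(1,2);
+$aDatabaseColumnTypes = array(1,2);
+}
 
 // get list of group properties...name...text field...is_Sys_admin and is_unit_admin..checkboxes
 $oPattern = & new PatternEditableListFromQuery($sQuery, $default->groups_table, $aDisplayColumns, $aStoreColumns, $aColumnNames, $aDisplayColumnTypes, $aDatabaseColumnTypes);
@@ -107,9 +117,11 @@ function getEditPage($iGroupID) {
 $sToRender .= "<tr>\n";
 $sToRender .= "<td>Unit Administrator: </td><td>" . getUnitAdminCheckBox($oGroup) . "</td>\n";
 $sToRender .= "</tr>\n";
-$sToRender .= "<tr>\n";
-$sToRender .= "<td>System Administrator: </td><td>" . getSysAdminCheckBox($oGroup) . "</td>\n";
-$sToRender .= "</tr>\n";
+if (Permission::userIsSystemAdministrator()) {
+$sToRender .= "<tr>\n";
+$sToRender .= "<td>System Administrator: </td><td>" . getSysAdminCheckBox($oGroup) . "</td>\n";
+$sToRender .= "</tr>\n";
+}
 $sToRender .= "<tr>\n";
 $sToRender .= "</tr>\n";
 }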
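Review bot: Both branches only change what the form offers, so the restriction lives in the page builder and not necessarily where the group row is written. In getEditPage the `getSysAdminCheckBox($oGroup)` row is skipped for non-system-administrators, but the code that processes the submitted form is outside this diff; it should re-check `Permission::userIsSystemAdministrator()` before storing `is_sys_admin`, and treat an absent checkbox as "leave unchanged" so that a non-admin saving an existing sys admin group does not clear the flag. In getCreatePage the same holds if PatternEditableListFromQuery takes its column list from the submitted form instead of from `$aStoreColumns`, which is not visible here. I would add next to each new `if`: `// UI only: the store/update handler must also refuse is_sys_admin unless Permission::userIsSystemAdministrator()`. Both function bodies continue outside the hunks.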