Commit 2414b84917ce6d41a8056f167ed73162b2b2293e
1 parent
dbc76c6e
#2978 only allow the creation/editing of a sys admin group if you are a system administrator
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@2759 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
20 additions
and
8 deletions
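--- a/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/editGroupUI.inc
+++ b/presentation/lookAndFeel/knowledgeTree/administration/groupmanagement/editGroupUI.inc
@@ -32,11 +32,21 @@ function getCreatePage($iGroupID) {
 $oGroup = null;
 
 $sQuery = "SELECT * FROM $default->groups_table WHERE id = $iGroupID";
-$aDisplayColumns = array("name","is_sys_admin","is_unit_admin");
-$aStoreColumns = array("name","is_sys_admin","is_unit_admin");
-$aColumnNames = array("Name:","System admin:", "Unit admin:");
-$aDisplayColumnTypes = array(1,2,2);
-$aDatabaseColumnTypes = array(1,2,2);
+// #2978 if you're not a system administrator, you can't add a sys admin group
+// FIXME: there must be a more elegant way to do this? possibly some exclusions to the pattern
+if (Permission::userIsSystemAdministrator()) {
+$aDisplayColumns = array("name","is_sys_admin","is_unit_admin");
+$aStoreColumns = array("name","is_sys_admin","is_unit_admin");
+$aColumnNames = array("Name:","System admin:", "Unit admin:");
+$aDisplayColumnTypes = array(1,2,2);
+$aDatabaseColumnTypes = array(1,2,2);
+} else {
+$aDisplayColumns = array("name","is_unit_admin");
+$aStoreColumns = array("name","is_unit_admin");
+$aColumnNames = array("Name:","Unit admin:");
+$aDisplayColumnTypes = array(1,2);
+$aDatabaseColumnTypes = array(1,2);
+}
 
 // get list of group properties...name...text field...is_Sys_admin and is_unit_admin..checkboxes
 $oPattern = & new PatternEditableListFromQuery($sQuery, $default->groups_table, $aDisplayColumns, $aStoreColumns, $aColumnNames, $aDisplayColumnTypes, $aDatabaseColumnTypes);
@@ -107,9 +117,11 @@ function getEditPage($iGroupID) {
 $sToRender .= "<tr>\n";
 $sToRender .= "<td>Unit Administrator: </td><td>" . getUnitAdminCheckBox($oGroup) . "</td>\n";
 $sToRender .= "</tr>\n";
-$sToRender .= "<tr>\n";
-$sToRender .= "<td>System Administrator: </td><td>" . getSysAdminCheckBox($oGroup) . "</td>\n";
-$sToRender .= "</tr>\n";
+if (Permission::userIsSystemAdministrator()) {
+$sToRender .= "<tr>\n";
+$sToRender .= "<td>System Administrator: </td><td>" . getSysAdminCheckBox($oGroup) . "</td>\n";
+$sToRender .= "</tr>\n";
+}
 $sToRender .= "<tr>\n";
 $sToRender .= "</tr>\n";
 }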
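Review bot: The restriction in getEditPage is enforced only by leaving the System Administrator row out of the rendered form; nothing in this section shows the code that saves the group re-checking `Permission::userIsSystemAdministrator()`, so a request that carries an `is_sys_admin` field anyway may still be honoured for a non-system-administrator. In getCreatePage the flag is dropped from `$aStoreColumns`, which helps only if PatternEditableListFromQuery writes exactly those columns rather than whatever the request contains, and that should be confirmed. It is also unclear what happens when a non-system-administrator edits a group that already has the flag: if the update treats the absent checkbox as unchecked, the group would silently lose its system-administrator status. I would repeat the permission check where the group is stored and record the limitation above the new `if`, e.g. `// display-only: the store/update code must ignore is_sys_admin unless Permission::userIsSystemAdministrator()`. Both functions begin and end outside the hunks shown.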