Commit d5d19568e3a2b089fdfa1c32aab5613a60055a4e
1 parent
4cc2036f
changed SysAdmin, UnitAdmin and Guest permission methods to take an optional userID parameter
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1128 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
15 additions
and
6 deletions
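--- a/lib/security/permission.inc
+++ b/lib/security/permission.inc
@@ -335,12 +335,15 @@ class Permission {
 * @return boolean true is user is system administrator, false otherwise and set $_SESSION["errorMessage"]
 *
 */
-function userIsSystemAdministrator() {
+function userIsSystemAdministrator($iUserID = "") {
 global $default, $lang_err_database;
+if ($iUserID == "") {
+$iUserID = $_SESSION["userID"];
+}
 $sql = $default->db;
 $sql->query("SELECT UGL.group_id " .
 "FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_table AS GL ON UGL.group_id = GL.id " .
-"WHERE UGL.user_id = " . $_SESSION["userID"] . " " .
+"WHERE UGL.user_id = $iUserID " .
 "AND is_sys_admin = 1");
 return $sql->next_record();
 }
@@ -350,13 +353,16 @@ class Permission {
 *
 * @return boolean true if the user is the unit administrator for the unit to which the folder belongs, false otherwise
 */
-function userIsUnitAdministrator() {
+function userIsUnitAdministrator($iUserID = "") {
 global $default;
+if ($iUserID == "") {
+$iUserID = $_SESSION["userID"];
+}
 $sql = $default->db;
 $sql->query("SELECT UGL.group_id " .
 "FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_units_table AS GUL ON GUL.group_id = UGL.group_id " .
 "INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id " .
-"WHERE UGL.user_id = " . $_SESSION["userID"] . " " .
+"WHERE UGL.user_id = $iUserID " .
 "AND GL.is_unit_admin = 1");
 return $sql->next_record();
 }
@@ -384,14 +390,17 @@ class Permission {
 *
 * @return boolean true if the user is in the Anonymous group, else false
 */
-function userIsGuest() {
+function userIsGuest($iUserID = "") {
 global $default;
+if ($iUserID == "") {
+$iUserID = $_SESSION["userID"];
+}
 $sql = $default->db;
 // you're a guest user if you're in the Anonymous group
 $sql->query("SELECT UGL.group_id
 FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id
 WHERE GL.name = 'Anonymous'
-AND UGL.user_id = " . $_SESSION["userID"]);
+AND UGL.user_id = $iUserID");
 return $sql->next_record();
 }
 }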
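Review bot: `$iUserID` is interpolated into the WHERE clause of all three queries (`userIsSystemAdministrator`, `userIsUnitAdministrator`, `userIsGuest`) without a cast or any validation. It is now a caller-supplied argument rather than only the session value, so any caller that forwards request data would make these permission checks injectable. Adding `$iUserID = (int) $iUserID;` right after the default block in each method would confine the value to a number before it reaches the SQL string. Separately, `if ($iUserID == "")` is a loose comparison, so a caller that passes null or false (or 0 on older PHP versions), for example after a failed user lookup, silently gets the answer for the session user instead of a denial; `if ($iUserID === "")` would limit the fallback to the omitted-argument case. The docblocks above each method also lack an `@param` line stating that an omitted ID means the current session user.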