Commit d5d19568e3a2b089fdfa1c32aab5613a60055a4e
1 parent
4cc2036f
changed SysAdmin, UnitAdmin and Guest permission methods to take an optional userID parameter
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1128 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
15 additions
and
6 deletions
lib/security/permission.inc
| @@ -335,12 +335,15 @@ class Permission { | @@ -335,12 +335,15 @@ class Permission { | ||
| 335 | * @return boolean true is user is system administrator, false otherwise and set $_SESSION["errorMessage"] | 335 | * @return boolean true is user is system administrator, false otherwise and set $_SESSION["errorMessage"] |
| 336 | * | 336 | * |
| 337 | */ | 337 | */ |
| 338 | - function userIsSystemAdministrator() { | 338 | + function userIsSystemAdministrator($iUserID = "") { |
| 339 | global $default, $lang_err_database; | 339 | global $default, $lang_err_database; |
| 340 | + if ($iUserID == "") { | ||
| 341 | + $iUserID = $_SESSION["userID"]; | ||
| 342 | + } | ||
| 340 | $sql = $default->db; | 343 | $sql = $default->db; |
| 341 | $sql->query("SELECT UGL.group_id " . | 344 | $sql->query("SELECT UGL.group_id " . |
| 342 | "FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_table AS GL ON UGL.group_id = GL.id " . | 345 | "FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_table AS GL ON UGL.group_id = GL.id " . |
| 343 | - "WHERE UGL.user_id = " . $_SESSION["userID"] . " " . | 346 | + "WHERE UGL.user_id = $iUserID " . |
| 344 | "AND is_sys_admin = 1"); | 347 | "AND is_sys_admin = 1"); |
| 345 | return $sql->next_record(); | 348 | return $sql->next_record(); |
| 346 | } | 349 | } |
| @@ -350,13 +353,16 @@ class Permission { | @@ -350,13 +353,16 @@ class Permission { | ||
| 350 | * | 353 | * |
| 351 | * @return boolean true if the user is the unit administrator for the unit to which the folder belongs, false otherwise | 354 | * @return boolean true if the user is the unit administrator for the unit to which the folder belongs, false otherwise |
| 352 | */ | 355 | */ |
| 353 | - function userIsUnitAdministrator() { | 356 | + function userIsUnitAdministrator($iUserID = "") { |
| 354 | global $default; | 357 | global $default; |
| 358 | + if ($iUserID == "") { | ||
| 359 | + $iUserID = $_SESSION["userID"]; | ||
| 360 | + } | ||
| 355 | $sql = $default->db; | 361 | $sql = $default->db; |
| 356 | $sql->query("SELECT UGL.group_id " . | 362 | $sql->query("SELECT UGL.group_id " . |
| 357 | "FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_units_table AS GUL ON GUL.group_id = UGL.group_id " . | 363 | "FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_units_table AS GUL ON GUL.group_id = UGL.group_id " . |
| 358 | "INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id " . | 364 | "INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id " . |
| 359 | - "WHERE UGL.user_id = " . $_SESSION["userID"] . " " . | 365 | + "WHERE UGL.user_id = $iUserID " . |
| 360 | "AND GL.is_unit_admin = 1"); | 366 | "AND GL.is_unit_admin = 1"); |
| 361 | return $sql->next_record(); | 367 | return $sql->next_record(); |
| 362 | } | 368 | } |
| @@ -384,14 +390,17 @@ class Permission { | @@ -384,14 +390,17 @@ class Permission { | ||
| 384 | * | 390 | * |
| 385 | * @return boolean true if the user is in the Anonymous group, else false | 391 | * @return boolean true if the user is in the Anonymous group, else false |
| 386 | */ | 392 | */ |
| 387 | - function userIsGuest() { | 393 | + function userIsGuest($iUserID = "") { |
| 388 | global $default; | 394 | global $default; |
| 395 | + if ($iUserID == "") { | ||
| 396 | + $iUserID = $_SESSION["userID"]; | ||
| 397 | + } | ||
| 389 | $sql = $default->db; | 398 | $sql = $default->db; |
| 390 | // you're a guest user if you're in the Anonymous group | 399 | // you're a guest user if you're in the Anonymous group |
| 391 | $sql->query("SELECT UGL.group_id | 400 | $sql->query("SELECT UGL.group_id |
| 392 | FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id | 401 | FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id |
| 393 | WHERE GL.name = 'Anonymous' | 402 | WHERE GL.name = 'Anonymous' |
| 394 | - AND UGL.user_id = " . $_SESSION["userID"]); | 403 | + AND UGL.user_id = $iUserID"); |
| 395 | return $sql->next_record(); | 404 | return $sql->next_record(); |
| 396 | } | 405 | } |
| 397 | } | 406 | } |