From dd8a3ce6adfe4635ef89eb7d25feee8b905d5260 Mon Sep 17 00:00:00 2001
From: michael <michael@c91229c3-7414-0410-bfa2-8a42b809f60b>
Date: Wed, 29 Jan 2003 09:01:47 +0000
Subject: [PATCH] added userIsUnitAdministratorForFolder method

---
 lib/security/permission.inc | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/lib/security/permission.inc b/lib/security/permission.inc
index 317495b..472a673 100644
--- a/lib/security/permission.inc
+++ b/lib/security/permission.inc
@@ -73,7 +73,7 @@ class Permission {
 		if (Permission::userHasGroupWritePermissionForFolder($iFolderID) ||
 			Permission::userHasWriteRoleForFolder($iFolderID) ||
 			Permission::userIsSystemAdministrator() ||
-			Permission::userIsUnitAdministrator($iFolderID)) {
+			Permission::userIsUnitAdministratorForFolder($iFolderID)) {
 				return true;
 			}
 		$_SESSION["errorMessage"] = $lang_err_user_folder_write . "id " . $iFolderID; 
@@ -357,6 +357,24 @@ class Permission {
 		return $sql->next_record();
 	}
     
+	/**
+	* Checks if the current user is a unit administrator
+	*
+	* @return boolean true if the user is the unit administrator for the unit to which the folder belongs, false otherwise
+	*/
+	function userIsUnitAdministratorForFolder($iFolderID) {
+        global $default;
+		$sql = new Owl_DB();
+		$sql->query("SELECT UGL.group_id " .
+			"FROM $default->owl_users_groups_table AS UGL INNER JOIN $default->owl_groups_units_table AS GUL ON GUL.group_id = UGL.group_id " .
+			"INNER JOIN $default->owl_groups_table AS GL ON GL.id = UGL.group_id " .
+            "INNER JOIN $default->owl_groups_folders_table AS GFL ON GFL.group_id = UGL.group_id " .
+			"WHERE UGL.user_id = " . $_SESSION["userID"] . " " .
+			"AND GL.is_unit_admin = 1 " .
+            "AND GFL.folder_id = $iFolderID");
+		return $sql->next_record();
+	}
+    
     /**
      * Checks if the current user is a guest user
      *
--
libgit2 0.21.4