
Revize 2073

Přidáno uživatelem David Raška před asi 11 roky(ů)

Opravy:
- fixes #522 - Administratorovi nemuze nikdo menit heslo, jen on sam


freenetis/branches/1.1/application/controllers/members.php
if (!$is_former)
{
// change password link
if ($this->acl_check_edit('Users_Controller', 'password', $member->id))
if ($this->acl_check_edit('Users_Controller', 'password', $member->id) &&
!($user->is_user_in_aro_group($user->id, Aro_group_Model::ADMINS) &&
$user->id != $this->user_id
))
{
$user_links[] = html::anchor(
'users/change_password/'.$user->id, __('Change password'),
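Review bot: The administrator exception `!($user->is_user_in_aro_group($user->id, Aro_group_Model::ADMINS) && $user->id != $this->user_id)` is spelled out here and again in controllers/users.php and views/users/show.php, so the three copies can drift apart. Only the copy in users.php enforces the rule; this one merely hides the link. I would move the predicate into one helper (for example a method named along the lines of `can_change_password_of($user)`) and call it from all three places. The enclosing method starts and ends outside the hunk.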
freenetis/branches/1.1/application/controllers/users.php
Controller::error(RECORD);
// access control
if (!$this->acl_check_edit(get_class($this), 'password', $user->member_id))
if (!$this->acl_check_edit(get_class($this), 'password', $user->member_id) ||
($user->is_user_in_aro_group($user->id, Aro_group_Model::ADMINS) &&
$user->id != $this->user_id
))
Controller::error(ACCESS);
$this->_user_id = $user_id;
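Review bot: The `// access control` comment no longer describes the condition under it, which now denies access even when the ACL check passes if the target user is in `Aro_group_Model::ADMINS` and is not the logged-in user. I would say so next to the check: `// an administrator's password may be changed only by that administrator, regardless of ACL (#522)`. The comparison `$user->id != $this->user_id` is loose; if both are numeric ids, `(int) $user->id !== (int) $this->user_id` makes the intent explicit. The function body continues outside the hunk, so it cannot be confirmed from here that `Controller::error(ACCESS)` stops execution before `$this->_user_id = $user_id;`.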
freenetis/branches/1.1/application/models/user.php
}
/**
* Checks if user is in ARO group
*
* @param int $user_id User ID
* @param int $aro_group ARO Group
* @return int
*/
public function is_user_in_aro_group($user_id, $aro_group)
{
return $this->db->query("
SELECT ag.id
FROM aro_groups ag
JOIN groups_aro_map gam ON ag.id = gam.group_id
WHERE ag.id = ? AND
gam.aro_id = ?
", $aro_group, $user_id)->count();
}
/**
* Gets array of users for selectbox
*
* @return array[string]
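Review bot: The docblock of `is_user_in_aro_group()` declares `@return int`, yet every caller in this commit uses the result as a boolean, and it does not mention that `$user_id` is bound to `gam.aro_id`, i.e. the method assumes a user's ARO id equals the user id. I would document it as `@return int Number of matching rows (0 when the user is not a direct member of the group)` and state the aro_id assumption on the `$user_id` line. The query matches only rows of `groups_aro_map` for exactly this group id; if ARO groups can be nested, membership through a child group would not count, which matters because the result decides who may change an administrator's password. The join to `aro_groups` adds nothing beyond filtering on `gam.group_id = ?`.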
freenetis/branches/1.1/application/views/users/show.php
{
$links[] = html::anchor('requests/show_by_user/'.$user_data->id,__('Show requests'));
}
if ($this->acl_check_edit(get_class($this),'password',$user_data->member_id))
if ($this->acl_check_edit(get_class($this),'password',$user_data->member_id) && !($user_data->is_user_in_aro_group($user_data->id, Aro_group_Model::ADMINS) && $user_data->id != $this->user_id ))
$links[] = html::anchor('users/change_password/'.$user_data->id,__('Change password'));
if ($this->acl_check_edit(get_class($this), 'application_password', $user_data->member_id))
$links[] = html::anchor('users/change_application_password/'.$user_data->id, __('Change application password'));
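Review bot: The `Change application password` link right below the changed condition is still gated only by `acl_check_edit(get_class($this), 'application_password', $user_data->member_id)`, with no administrator exception. If the rule from #522 is that nobody except the administrator may change an administrator's credentials, the application password presumably needs the same condition here and in its controller action, which this commit does not show. The new password condition is also one very long line that runs a model query from a view; computing the boolean in the controller and passing it to the view would keep this readable.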
