diff options
author | Dries Buytaert <dries@buytaert.net> | 2010-11-12 02:57:15 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2010-11-12 02:57:15 +0000 |
commit | fd37414f45cf442b6fdc551c07da1b970ca04691 (patch) | |
tree | e1bb78bd4c1f04a07f10b6a8fce509846576afda /modules | |
parent | 1ba059b3b26e21d2c1c566556a4e3be04c982c24 (diff) | |
download | brdo-fd37414f45cf442b6fdc551c07da1b970ca04691.tar.gz brdo-fd37414f45cf442b6fdc551c07da1b970ca04691.tar.bz2 |
- Patch #171117 by earnie, sun, JirkaRybka, catch, beginner: regression: users without administer users permission can not access user profiles of users that never logged in .
Diffstat (limited to 'modules')
-rw-r--r-- | modules/profile/profile.pages.inc | 2 | ||||
-rw-r--r-- | modules/user/user.module | 16 |
2 files changed, 1 insertions, 17 deletions
diff --git a/modules/profile/profile.pages.inc b/modules/profile/profile.pages.inc index 064630ba4..039bc5d44 100644 --- a/modules/profile/profile.pages.inc +++ b/modules/profile/profile.pages.inc @@ -38,7 +38,6 @@ function profile_browse() { $query ->fields('u', array('uid', 'access')) ->condition('v.fid', $field->fid) - ->condition('u.access', 0, '<>') ->condition('u.status', 0, '<>') ->orderBy('u.access', 'DESC'); @@ -99,7 +98,6 @@ function profile_browse() { ->fields('u', array('uid', 'access')) ->condition('u.uid', 0, '>') ->condition('u.status', 0, '>') - ->condition('u.access', 0, '>') ->orderBy('u.access', 'DESC') ->limit(20) ->execute() diff --git a/modules/user/user.module b/modules/user/user.module index 6c6519b80..a9f7462da 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -417,12 +417,6 @@ function user_save($account, $edit = array(), $category = 'account') { user_module_invoke('presave', $edit, $account, $category); if (is_object($account) && !$account->is_new) { - // Consider users edited by an administrator as logged in, if they haven't - // already, so anonymous users can view the profile (if allowed). - if (empty($edit['access']) && empty($account->access) && user_access('administer users')) { - $edit['access'] = REQUEST_TIME; - } - // Process picture uploads. if (!$delete_previous_picture = empty($edit['picture']->fid)) { $picture = $edit['picture']; @@ -523,12 +517,6 @@ function user_save($account, $edit = array(), $category = 'account') { if (!isset($edit['created'])) { $edit['created'] = REQUEST_TIME; } - // Consider users created by an administrator as already logged in, so - // anonymous users can view the profile (if allowed). - if (empty($edit['access']) && user_access('administer users')) { - $edit['access'] = REQUEST_TIME; - } - $edit['mail'] = trim($edit['mail']); $success = drupal_write_record('users', $edit); if ($success === FALSE) { @@ -1464,7 +1452,6 @@ function user_register_access() { return user_is_anonymous() && variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL); } - /** * User view access callback. * @@ -1472,7 +1459,6 @@ function user_register_access() { * Can either be a full user object or a $uid. */ function user_view_access($account) { - $uid = is_object($account) ? $account->uid : (int) $account; // Never allow access to view the anonymous user account. @@ -1486,7 +1472,7 @@ function user_view_access($account) { if (!is_object($account)) { $account = user_load($uid); } - return (is_object($account) && $account->access && $account->status); + return (is_object($account) && $account->status); } } return FALSE; |