diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2008-02-26 18:22:57 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2008-02-26 18:22:57 +0100 |
| commit | 85d03f688ed419d3e426dbb8187bf954d9a7a358 (patch) | |
| tree | b8dcca4c879cc9aa220b5ee9530a548b3f2f226c | |
| parent | 097423136c1b9be70f77630781b522863f715436 (diff) | |
| download | rpg-85d03f688ed419d3e426dbb8187bf954d9a7a358.tar.gz rpg-85d03f688ed419d3e426dbb8187bf954d9a7a358.tar.bz2 | |
fix usage of is_admin in auth_aclcheck
There were a few problems with name encoding for groups and users
introduced in the recent aclcheck change
darcs-hash:20080226172257-7ad00-d591f0d2f2219a2b23f93060c65b8fb5f46bd1d7.gz
| -rw-r--r-- | inc/auth.php | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/inc/auth.php b/inc/auth.php index 10f33bcf3..85576b680 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -344,24 +344,22 @@ function auth_aclcheck($id,$user,$groups){ global $conf; global $AUTH_ACL; - # if no ACL is used always return upload rights + // if no ACL is used always return upload rights if(!$conf['useacl']) return AUTH_UPLOAD; - $user = auth_nameencode($user); + //make sure groups is an array + if(!is_array($groups)) $groups = array(); - //if user is superuser return 255 (acl_admin) + //if user is superuser or in superusergroup return 255 (acl_admin) if(auth_isadmin($user,$groups)) { return AUTH_ADMIN; } - //make sure groups is an array - if(!is_array($groups)) $groups = array(); + $user = auth_nameencode($user); //prepend groups with @ and nameencode $cnt = count($groups); for($i=0; $i<$cnt; $i++){ $groups[$i] = '@'.auth_nameencode($groups[$i]); } - //if user is in superuser group return 255 (acl_admin) - if(auth_isadmin($user,$groups)) { return AUTH_ADMIN; } $ns = getNS($id); $perm = -1; |