From 4926e3e3ecc88da946dc84aaa5e4d8919b4bb625 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Mon, 21 Aug 2006 00:27:37 +0000 Subject: [PATCH] r1109: Trying to get notification permissions check to work --- includes/class_notification.php | 8 ++++++++ includes/functions.php | 4 ++++ 2 files changed, 12 insertions(+) diff --git a/includes/class_notification.php b/includes/class_notification.php index 4a280ee..339029d 100644 --- a/includes/class_notification.php +++ b/includes/class_notification.php @@ -644,6 +644,14 @@ Initial report: { if ($userid == $this->registry->userinfo['userid']) { + //continue; + } + + // we wouldn't want people who favorite bugs getting hidden notices + if (!check_bug_permissions($this->bug, $this->users["$userid"])) + { + var_dump($this->bug, $this->users); + $this->registry->debug("skipping user $userid ({$this->users[$userid]['email']}) because of permissions"); continue; } diff --git a/includes/functions.php b/includes/functions.php index 09c8bc2..c7588d5 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -112,10 +112,12 @@ function can_perform($bitmask, $productid = 0, $userinfo = null) if (!in_array($bitmask, $inspecific)) { + $bugsys->debug("verdict on can_perform($bitmask, $productid, $userinfo[userid]) = " . ($bugsys->datastore['permission']["$userinfo[usergroupid]"]["$productid"] & $bugsys->permissions["$bitmask"])); return ($bugsys->datastore['permission']["$userinfo[usergroupid]"]["$productid"] & $bugsys->permissions["$bitmask"]); } } + $bugsys->debug("verdict on can_perform($bitmask, $productid, $userinfo[userid]) = " . ($userinfo['permissions'] & $bugsys->permissions["$bitmask"])); return ($userinfo['permissions'] & $bugsys->permissions["$bitmask"]); } @@ -529,6 +531,8 @@ function check_bug_permissions($bug, $userinfo = null) $userinfo = $bugsys->userinfo; } + $bugsys->debug("checking permissions for $userinfo[userid] on bug $bug[bugid]"); + if ( !can_perform('canviewbugs', $bug['product'], $userinfo) -- 2.43.5