From 566ffb15078c08c85aeffdccfda074e66efa5d12 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sun, 20 Aug 2006 20:50:40 +0000 Subject: [PATCH] r1097: Setting up permssions for canviewownhidden --- editcomment.php | 2 +- editreport.php | 2 +- showhistory.php | 2 +- showreport.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/editcomment.php b/editcomment.php index 3c035f7..c2b676c 100644 --- a/editcomment.php +++ b/editcomment.php @@ -42,7 +42,7 @@ $comment =& $commentapi->objdata; $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]"); -if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['product'])) +if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product'])) { $message->error_permissison(); } diff --git a/editreport.php b/editreport.php index 723ac97..e2ce90c 100644 --- a/editreport.php +++ b/editreport.php @@ -47,7 +47,7 @@ if (!$bug) $message->error($lang->getlex('error_invalid_id')); } -if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['product'])) +if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product'])) { $message->error_permission(); } diff --git a/showhistory.php b/showhistory.php index 83e1555..cb4e901 100644 --- a/showhistory.php +++ b/showhistory.php @@ -37,7 +37,7 @@ if (!$bug) $message->error($lang->getlex('error_invalid_id')); } -if (($bug['hidden'] AND !can_perform('canviewhidden', $bug['product'])) OR !can_perform('canviewbugs', $bug['product'])) +if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product'])) { $message->error_permission(); } diff --git a/showreport.php b/showreport.php index e27a5e6..1837ad6 100644 --- a/showreport.php +++ b/showreport.php @@ -84,7 +84,7 @@ if (!is_array($bug)) $message->error($lang->getlex('error_invalid_id')); } -if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['product'])) +if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product'])) { $message->error_permission(); } -- 2.43.5