зеркало из https://github.com/mozilla/pjs.git
Bug 233486: Only process groups user is supposed to be able to bless in editgroups.cgi
r=justdave a=justdave
This commit is contained in:
bugreport%peshkin.net
Родитель
31f1511124
Коммит
84ebedc167
|
|
@ -155,7 +155,7 @@ sub EmitFormElements ($$$$)
|
||||||
print "<TD COLSPAN=2 ALIGN=LEFT><B>User is a member of these groups</B></TD>\n";
|
print "<TD COLSPAN=2 ALIGN=LEFT><B>User is a member of these groups</B></TD>\n";
|
||||||
while (MoreSQLData()) {
|
while (MoreSQLData()) {
|
||||||
my ($groupid, $name, $description, $checked, $isderived, $isregexp) = FetchSQLData();
|
my ($groupid, $name, $description, $checked, $isderived, $isregexp) = FetchSQLData();
|
||||||
next if (!$editall && !UserCanBlessGroup($name));
|
next unless ($editall || UserCanBlessGroup($name));
|
||||||
PushGlobalSQLState();
|
PushGlobalSQLState();
|
||||||
SendSQL("SELECT user_id " .
|
SendSQL("SELECT user_id " .
|
||||||
"FROM user_group_map " .
|
"FROM user_group_map " .
|
||||||
|
|
@ -762,6 +762,7 @@ if ($action eq 'update') {
|
||||||
my $chggrp = 0;
|
my $chggrp = 0;
|
||||||
SendSQL("SELECT id, name FROM groups");
|
SendSQL("SELECT id, name FROM groups");
|
||||||
while (my ($groupid, $name) = FetchSQLData()) {
|
while (my ($groupid, $name) = FetchSQLData()) {
|
||||||
|
next unless ($editall || UserCanBlessGroup($name));
|
||||||
if ($::FORM{"oldgroup_$groupid"} != ($::FORM{"group_$groupid"} ? 1 : 0)) {
|
if ($::FORM{"oldgroup_$groupid"} != ($::FORM{"group_$groupid"} ? 1 : 0)) {
|
||||||
# group membership changed
|
# group membership changed
|
||||||
PushGlobalSQLState();
|
PushGlobalSQLState();
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче