From 0dcdc23a7f0babd1bc7d1bb31a2ff2b7602d5cdf Mon Sep 17 00:00:00 2001
From: Lukas Fleischer
Date: Fri, 22 May 2015 14:44:24 +0200
Subject: Fix the permission check in pkgbase_adopt()

Filter the affected package bases before closing any package requests.

Signed-off-by: Lukas Fleischer
---
 web/lib/pkgbasefuncs.inc.php | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

(limited to 'web/lib')

diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index 50cb47e..d10b5ad 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -579,7 +579,25 @@ function pkgbase_adopt ($base_ids, $action=true, $via) {
 }
 }
 
+ /* Verify package ownership. */
 $base_ids = sanitize_ids($base_ids);
+
+ $q = "SELECT ID FROM PackageBases ";
+ $q.= "WHERE ID IN (" . implode(",", $base_ids) . ") ";
+
+ if ($action && !has_credential(CRED_PKGBASE_ADOPT)) {
+ /* Regular users may only adopt orphan packages. */
+ $q.= "AND MaintainerUID IS NULL";
+ }
+ if (!$action && !has_credential(CRED_PKGBASE_DISOWN)) {
+ /* Regular users may only disown their own packages. */
+ $q.= "AND MaintainerUID = " . $uid;
+ }
+
+ $result = $dbh->query($q);
+ $base_ids = $result->fetchAll(PDO::FETCH_COLUMN, 0);
+
+ /* Error out if the list of remaining packages is empty. */
 if (empty($base_ids)) {
 if ($action) {
 return array(false, __("You did not select any packages to adopt."));
@@ -618,16 +636,6 @@ function pkgbase_adopt ($base_ids, $action=true, $via) {
 $q.= "SET MaintainerUID = NULL ";
 }
 $q.= "WHERE ID IN (" . implode(",", $base_ids) . ") ";
-
- if ($action && !has_credential(CRED_PKGBASE_ADOPT)) {
- /* Regular users may only adopt orphan packages. */
- $q.= "AND MaintainerUID IS NULL";
- }
- if (!$action && !has_credential(CRED_PKGBASE_DISOWN)) {
- /* Regular users may only disown their own packages. */
- $q.= "AND MaintainerUID = " . $uid;
- }
-
 $dbh->exec($q);
 
 if ($action) {
-- 
cgit v1.2.3-54-g00ecf
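Review bot: The new SELECT in the first hunk is built before the `empty($base_ids)` check, so when `sanitize_ids()` returns an empty list the query ends in `WHERE ID IN ()`, which MySQL rejects, and `$result->fetchAll()` is then called on whatever `$dbh->query()` returned for the failed statement. Guarding the lookup with `if (!empty($base_ids)) { ... }`, or returning the existing error before `$q` is built, would keep the "You did not select any packages" path working for an empty selection. Separately, the ownership test now runs as its own statement while the second hunk drops both `AND MaintainerUID ...` conditions from the UPDATE; no transaction or lock is visible in either hunk, so two concurrent requests could presumably both pass the check and the later write would replace the earlier one. Keeping those two conditions on the UPDATE as well would make the write itself enforce the rule rather than relying on the earlier read. pkgbase_adopt() starts and ends outside both hunks, so the PDO error mode and any surrounding transaction cannot be confirmed from here.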