From e8cd6abc6e8921223a7a290088153bffc364e9d5 Mon Sep 17 00:00:00 2001 From: canyonknight Date: Thu, 9 Aug 2012 21:15:50 -0400 Subject: Allow only Trusted Users, Developers, and Maintainers to unflag packages Currently everyone is allowed to unflag a package as out of date. This should be limited to only the appropriate people for a specific package. Fixes FS#27263 Signed-off-by: canyonknight Signed-off-by: Lukas Fleischer --- web/lib/pkgfuncs.inc.php | 4 ++++ web/template/actions_form.php | 3 ++- web/template/pkg_details.php | 3 ++- 3 files changed, 8 insertions(+), 2 deletions(-) (limited to 'web') diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 6fad628..c592e39 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -728,6 +728,10 @@ function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) { } $q.= " WHERE ID IN (" . implode(",", $ids) . ")"; + if (!$action && ($atype != "Trusted User" && $atype != "Developer")) { + $q.= "AND MaintainerUID = " . uid_from_sid($_COOKIE["AURSID"], $dbh); + } + db_query($q, $dbh); if ($action) { diff --git a/web/template/actions_form.php b/web/template/actions_form.php index bfc0611..d687f50 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -21,7 +21,8 @@ " /> - + " /> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index da173ec..7176e10 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -40,7 +40,8 @@ $sources = package_sources($row["ID"]);
  • - +
  • -- cgit v1.2.3-70-g09d2