mirror of
https://github.com/phpbb/phpbb.git
synced 2025-10-24 05:06:09 +02:00
Merge pull request #6549 from marc1706/ticket/15325
[ticket/15325] Do not show non-local permissions for local data
This commit is contained in:
@@ -95,7 +95,7 @@ class auth_admin extends \phpbb\auth\auth
|
||||
}
|
||||
else
|
||||
{
|
||||
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
|
||||
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%') : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
|
||||
}
|
||||
}
|
||||
|
||||
|
@@ -159,9 +159,9 @@ $lang = array_merge($lang, array(
|
||||
'ACL_M_MERGE' => 'Can merge topics',
|
||||
|
||||
'ACL_M_INFO' => 'Can view post details',
|
||||
'ACL_M_WARN' => 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
|
||||
'ACL_M_PM_REPORT' => 'Can close and delete reports of private messages<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
|
||||
'ACL_M_BAN' => 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
|
||||
'ACL_M_WARN' => 'Can issue warnings',
|
||||
'ACL_M_PM_REPORT' => 'Can close and delete reports of private messages',
|
||||
'ACL_M_BAN' => 'Can manage bans',
|
||||
));
|
||||
|
||||
// Admin Permissions
|
||||
|
@@ -776,6 +776,7 @@ class auth
|
||||
|
||||
$sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? 'group_id = ' . (int) $group_id : $db->sql_in_set('group_id', array_map('intval', $group_id))) : '';
|
||||
$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
|
||||
$sql_is_local = $forum_id !== false ? 'AND ao.is_local <> 0' : '';
|
||||
|
||||
$sql_opts = '';
|
||||
$hold_ary = $sql_ary = array();
|
||||
@@ -787,9 +788,10 @@ class auth
|
||||
|
||||
// Grab group settings - non-role specific...
|
||||
$sql_ary[] = 'SELECT a.group_id, a.forum_id, a.auth_setting, a.auth_option_id, ao.auth_option
|
||||
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . ' ao
|
||||
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " ao
|
||||
WHERE a.auth_role_id = 0
|
||||
AND a.auth_option_id = ao.auth_option_id ' .
|
||||
AND a.auth_option_id = ao.auth_option_id
|
||||
$sql_is_local " .
|
||||
(($sql_group) ? 'AND a.' . $sql_group : '') . "
|
||||
$sql_forum
|
||||
$sql_opts
|
||||
@@ -797,9 +799,10 @@ class auth
|
||||
|
||||
// Now grab group settings - role specific...
|
||||
$sql_ary[] = 'SELECT a.group_id, a.forum_id, r.auth_setting, r.auth_option_id, ao.auth_option
|
||||
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' ao
|
||||
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . " ao
|
||||
WHERE a.auth_role_id = r.role_id
|
||||
AND r.auth_option_id = ao.auth_option_id ' .
|
||||
$sql_is_local
|
||||
AND r.auth_option_id = ao.auth_option_id " .
|
||||
(($sql_group) ? 'AND a.' . $sql_group : '') . "
|
||||
$sql_forum
|
||||
$sql_opts
|
||||
|
@@ -124,4 +124,29 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case
|
||||
$auth->acl($user_data);
|
||||
$this->assertEquals(0, $auth->acl_get($permission));
|
||||
}
|
||||
|
||||
public function test_forum_permissions_misc()
|
||||
{
|
||||
// Open forum moderators permissions page
|
||||
$crawler = self::request('GET', "adm/index.php?i=acp_permissions&icat=16&mode=setting_mod_local&sid=" . $this->sid);
|
||||
|
||||
// Select "Your first forum"
|
||||
$form = $crawler->filter('#select_victim')->form(['forum_id' => [2]]);
|
||||
$crawler = self::submit($form);
|
||||
|
||||
// Select "Global moderators"
|
||||
$form = $crawler->filter('#add_groups')->form(['group_id' => [4]]);
|
||||
$crawler = self::submit($form);
|
||||
|
||||
// Check that global permissions are not displayed
|
||||
$this->add_lang('acp/permissions_phpbb');
|
||||
$page_text = $crawler->text();
|
||||
$this->assertNotContainsLang('ACL_M_BAN', $page_text);
|
||||
$this->assertNotContainsLang('ACL_M_PM_REPORT', $page_text);
|
||||
$this->assertNotContainsLang('ACL_M_WARN', $page_text);
|
||||
|
||||
// Check that other permissions exist
|
||||
$this->assertContainsLang('ACL_M_EDIT', $page_text);
|
||||
$this->assertContainsLang('ACL_M_MOVE', $page_text);
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user