1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-24 05:06:09 +02:00

Merge pull request #6549 from marc1706/ticket/15325

[ticket/15325] Do not show non-local permissions for local data
This commit is contained in:
Marc Alexander
2024-05-08 17:22:15 +02:00
4 changed files with 36 additions and 8 deletions

View File

@@ -95,7 +95,7 @@ class auth_admin extends \phpbb\auth\auth
}
else
{
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%') : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
}
}

View File

@@ -159,9 +159,9 @@ $lang = array_merge($lang, array(
'ACL_M_MERGE' => 'Can merge topics',
'ACL_M_INFO' => 'Can view post details',
'ACL_M_WARN' => 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
'ACL_M_PM_REPORT' => 'Can close and delete reports of private messages<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
'ACL_M_BAN' => 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
'ACL_M_WARN' => 'Can issue warnings',
'ACL_M_PM_REPORT' => 'Can close and delete reports of private messages',
'ACL_M_BAN' => 'Can manage bans',
));
// Admin Permissions

View File

@@ -776,6 +776,7 @@ class auth
$sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? 'group_id = ' . (int) $group_id : $db->sql_in_set('group_id', array_map('intval', $group_id))) : '';
$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
$sql_is_local = $forum_id !== false ? 'AND ao.is_local <> 0' : '';
$sql_opts = '';
$hold_ary = $sql_ary = array();
@@ -787,9 +788,10 @@ class auth
// Grab group settings - non-role specific...
$sql_ary[] = 'SELECT a.group_id, a.forum_id, a.auth_setting, a.auth_option_id, ao.auth_option
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . ' ao
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " ao
WHERE a.auth_role_id = 0
AND a.auth_option_id = ao.auth_option_id ' .
AND a.auth_option_id = ao.auth_option_id
$sql_is_local " .
(($sql_group) ? 'AND a.' . $sql_group : '') . "
$sql_forum
$sql_opts
@@ -797,9 +799,10 @@ class auth
// Now grab group settings - role specific...
$sql_ary[] = 'SELECT a.group_id, a.forum_id, r.auth_setting, r.auth_option_id, ao.auth_option
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' ao
FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . " ao
WHERE a.auth_role_id = r.role_id
AND r.auth_option_id = ao.auth_option_id ' .
$sql_is_local
AND r.auth_option_id = ao.auth_option_id " .
(($sql_group) ? 'AND a.' . $sql_group : '') . "
$sql_forum
$sql_opts

View File

@@ -124,4 +124,29 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case
$auth->acl($user_data);
$this->assertEquals(0, $auth->acl_get($permission));
}
public function test_forum_permissions_misc()
{
// Open forum moderators permissions page
$crawler = self::request('GET', "adm/index.php?i=acp_permissions&icat=16&mode=setting_mod_local&sid=" . $this->sid);
// Select "Your first forum"
$form = $crawler->filter('#select_victim')->form(['forum_id' => [2]]);
$crawler = self::submit($form);
// Select "Global moderators"
$form = $crawler->filter('#add_groups')->form(['group_id' => [4]]);
$crawler = self::submit($form);
// Check that global permissions are not displayed
$this->add_lang('acp/permissions_phpbb');
$page_text = $crawler->text();
$this->assertNotContainsLang('ACL_M_BAN', $page_text);
$this->assertNotContainsLang('ACL_M_PM_REPORT', $page_text);
$this->assertNotContainsLang('ACL_M_WARN', $page_text);
// Check that other permissions exist
$this->assertContainsLang('ACL_M_EDIT', $page_text);
$this->assertContainsLang('ACL_M_MOVE', $page_text);
}
}