Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit 42eac59

Browse files
Dentxinhodregad
Dentxinho
authored and
dregad
committedDec 13, 2011
Removed unneeded auth check in the access API.
Some functions on the Access API (access_get_global_level, access_get_project_level and access_has_bug_level) require an authenticated user in order to return correct values, FALSE otherwise. However, these functions can be used by plugins while not authenticated, so the code was changed to allow the execution to proceed if existing parameter $p_user_id is provided. Fixes #13538 Signed-off-by: Damien Regad <damien.regad@merckgroup.com> Original patch was modified to follow MantisBT coding guidelines and improve the commit message
·
release-1.2.20release-1.2.9
1 parent 0923fc3 commit 42eac59

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed
 

‎core/access_api.php

+11-11
Original file line numberDiff line numberDiff line change
@@ -224,7 +224,7 @@ function access_get_global_level( $p_user_id = null ) {
224224
# Deal with not logged in silently in this case
225225
# @@@ we may be able to remove this and just error
226226
# and once we default to anon login, we can remove it for sure
227-
if( !auth_is_user_authenticated() ) {
227+
if( empty( $p_user_id ) && !auth_is_user_authenticated() ) {
228228
return false;
229229
}
230230

@@ -278,16 +278,16 @@ function access_ensure_global_level( $p_access_level, $p_user_id = null ) {
278278
* @access public
279279
*/
280280
function access_get_project_level( $p_project_id = null, $p_user_id = null ) {
281+
if( null === $p_user_id ) {
282+
$p_user_id = auth_get_current_user_id();
283+
}
284+
281285
# Deal with not logged in silently in this case
282286
/** @todo we may be able to remove this and just error and once we default to anon login, we can remove it for sure */
283-
if( !auth_is_user_authenticated() ) {
287+
if( empty( $p_user_id ) && !auth_is_user_authenticated() ) {
284288
return ANYBODY;
285289
}
286290

287-
if( null === $p_user_id ) {
288-
$p_user_id = auth_get_current_user_id();
289-
}
290-
291291
if( null === $p_project_id ) {
292292
$p_project_id = helper_get_current_project();
293293
}
@@ -405,17 +405,17 @@ function access_has_any_project( $p_access_level, $p_user_id = null ) {
405405
* @access public
406406
*/
407407
function access_has_bug_level( $p_access_level, $p_bug_id, $p_user_id = null ) {
408+
if( $p_user_id === null ) {
409+
$p_user_id = auth_get_current_user_id();
410+
}
411+
408412
# Deal with not logged in silently in this case
409413
# @@@ we may be able to remove this and just error
410414
# and once we default to anon login, we can remove it for sure
411-
if( !auth_is_user_authenticated() ) {
415+
if( empty( $p_user_id ) && !auth_is_user_authenticated() ) {
412416
return false;
413417
}
414418

415-
if( $p_user_id === null ) {
416-
$p_user_id = auth_get_current_user_id();
417-
}
418-
419419
$t_project_id = bug_get_field( $p_bug_id, 'project_id' );
420420

421421
# check limit_Reporter (Issue #4769)

0 commit comments

Comments
 (0)
Please sign in to comment.