Removed unneeded auth check in the access API.

Dentxinho · dregad · commit f0248c848a68 · 2011-12-13T23:40:12.000+01:00
Some functions on the Access API (access_get_global_level,
access_get_project_level and access_has_bug_level) require an
authenticated user in order to return correct values, FALSE otherwise.

However, these functions can be used by plugins while not
authenticated, so the code was changed to allow the execution to
proceed if existing parameter $p_user_id is provided.

Fixes #13538

Signed-off-by: Damien Regad &lt;damien.regad@merckgroup.com&gt;

Original patch was modified to follow MantisBT coding guidelines and
improve the commit message
diff --git a/core/access_api.php b/core/access_api.php
@@ -219,7 +219,7 @@ function access_get_global_level( $p_user_id = null ) {
 	# Deal with not logged in silently in this case
 	# @@@ we may be able to remove this and just error
 	#     and once we default to anon login, we can remove it for sure
-	if( !auth_is_user_authenticated() ) {
+	if( empty( $p_user_id ) && !auth_is_user_authenticated() ) {
 		return false;
 	}
 
@@ -273,16 +273,16 @@ function access_ensure_global_level( $p_access_level, $p_user_id = null ) {
  * @access public
  */
 function access_get_project_level( $p_project_id = null, $p_user_id = null ) {
+	if( null === $p_user_id ) {
+		$p_user_id = auth_get_current_user_id();
+	}
+
 	# Deal with not logged in silently in this case
 	/** @todo we may be able to remove this and just error and once we default to anon login, we can remove it for sure */
-	if( !auth_is_user_authenticated() ) {
+	if( empty( $p_user_id ) && !auth_is_user_authenticated() ) {
 		return ANYBODY;
 	}
 
-	if( null === $p_user_id ) {
-		$p_user_id = auth_get_current_user_id();
-	}
-
 	if( null === $p_project_id ) {
 		$p_project_id = helper_get_current_project();
 	}
@@ -400,17 +400,17 @@ function access_has_any_project( $p_access_level, $p_user_id = null ) {
  * @access public
  */
 function access_has_bug_level( $p_access_level, $p_bug_id, $p_user_id = null ) {
+	if( $p_user_id === null ) {
+		$p_user_id = auth_get_current_user_id();
+	}
+
 	# Deal with not logged in silently in this case
 	# @@@ we may be able to remove this and just error
 	#     and once we default to anon login, we can remove it for sure
-	if( !auth_is_user_authenticated() ) {
+	if( empty( $p_user_id ) && !auth_is_user_authenticated() ) {
 		return false;
 	}
 
-	if( $p_user_id === null ) {
-		$p_user_id = auth_get_current_user_id();
-	}
-
 	$t_project_id = bug_get_field( $p_bug_id, 'project_id' );
 
 	# check limit_Reporter (Issue #4769)
