Fix crash when report_bug_threshold=array in access_has_bug_level

When displaying a bug for which the user is not the reporter, $g_limit_reporters=ON and the workflow is set so report_bug_threshold is an array, MantisBT crashes with "PHP Fatal error: Unsupported operand types". This is due to use of '+ 1' to indicate that user should have the next higher access level to view the issue. We now use the same logic but within a foreach loop to check against each array element. Fixes #15538
mantisbt · Feb 25, 2013 · 957b3c0 · 957b3c0 · atrol · Feb 25, 2013
1 parent b41b528
commit 957b3c0
Showing 1 changed file with 14 additions and 2 deletions.
diff --git a/core/access_api.php b/core/access_api.php
@@ -417,8 +417,20 @@ function access_has_bug_level( $p_access_level, $p_bug_id, $p_user_id = null ) {
 	# reporters can view just issues they reported
 	$t_limit_reporters = config_get( 'limit_reporters', null, $p_user_id, $t_project_id );
 	$t_report_bug_threshold = config_get( 'report_bug_threshold', null, $p_user_id, $t_project_id );
-	if ( $t_limit_reporters && !bug_is_user_reporter( $p_bug_id, $p_user_id ) && !access_has_project_level( $t_report_bug_threshold + 1, $t_project_id, $p_user_id ) ) {
-		return false;
+	if( !is_array( $t_report_bug_threshold ) ) {
+		$t_report_bug_threshold = array( $t_report_bug_threshold );
+	}
+	if( $t_limit_reporters && !bug_is_user_reporter( $p_bug_id, $p_user_id ) ) {
+		$t_has_access = false;
+		foreach( $t_report_bug_threshold as $t_threshold ) {
+			if( access_has_project_level( $t_threshold + 1, $t_project_id, $p_user_id ) ) {
+				$t_has_access = true;
+				break;
+			}
+		}
+		if( !$t_has_access ) {
+			return false;
+		}
 	}
 
 	# If the bug is private and the user is not the reporter, then