diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-03-10 20:34:32 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-03-10 20:34:32 +0000 |
| commit | 068c44e2011aee23ad6f43c0e238c2dba65da8e3 (patch) | |
| tree | fc055ba29ceb97997853e78520049f9b1d31874d | |
| parent | 5342578e6d24c59db74747024e1bdc5bcf41ae2d (diff) | |
access::allow/deny/reset functions will now throw an exception if you
don't pass in a Group_Model as the argument. This prevents us from
setting permissions on the wrong group by accidentally passing in a
User_Model.
| -rw-r--r-- | core/helpers/access.php | 5 | ||||
| -rw-r--r-- | modules/server_add/helpers/server_add_installer.php | 1 | ||||
| -rw-r--r-- | modules/user/helpers/user_installer.php | 8 |
3 files changed, 6 insertions, 8 deletions
diff --git a/core/helpers/access.php b/core/helpers/access.php index a2b3a761..00c88f12 100644 --- a/core/helpers/access.php +++ b/core/helpers/access.php @@ -184,7 +184,10 @@ class access_Core { * @param Item_Model $item * @param boolean $value */ - private static function _set($group, $perm_name, $album, $value) { + private static function _set(Controller $group, $perm_name, $album, $value) { + if (get_class($group) != "Group_Model") { + throw new Exception("@todo PERMISSIONS_ONLY_WORK_ON_GROUPS"); + } if (!$album->loaded) { throw new Exception("@todo INVALID_ALBUM $album->id"); } diff --git a/modules/server_add/helpers/server_add_installer.php b/modules/server_add/helpers/server_add_installer.php index 28060ee4..01247a31 100644 --- a/modules/server_add/helpers/server_add_installer.php +++ b/modules/server_add/helpers/server_add_installer.php @@ -23,7 +23,6 @@ class server_add_installer { $version = module::get_version("server_add"); if ($version == 0) { access::register_permission("server_add", t("Add files from server")); - access::allow(user::lookup(2), "view", ORM::factory("item", 1)); module::set_version("server_add", 1); } server_add::check_config(); diff --git a/modules/user/helpers/user_installer.php b/modules/user/helpers/user_installer.php index c677d01a..ccab1f61 100644 --- a/modules/user/helpers/user_installer.php +++ b/modules/user/helpers/user_installer.php @@ -78,15 +78,11 @@ class user_installer { module::set_version("user", 1); $root = ORM::factory("item", 1); - access::allow($guest, "view", $root); - access::allow($guest, "view_full", $root); + access::allow($everybody, "view", $root); + access::allow($everybody, "view_full", $root); access::allow($registered, "view", $root); access::allow($registered, "view_full", $root); - - access::allow($admin, "view", $root); - access::allow($admin, "view_full", $root); - access::allow($admin, "edit", $root); } } |