Internal: Remove side effect that would set the (still unused) ROLE_SUPER_ADMIN to any user on edition by an admin (side effect introduced by mistake in beb4d6cac4 in 2016) - refs BT#17004

pull/3178/head
Yannick Warnier 6 years ago
parent 70884fe09d
commit 74daccecb9
  1. 8
      main/admin/user_edit.php
  2. 22
      main/inc/lib/usermanager.lib.php

@ -467,16 +467,12 @@ if ($form->validate()) {
}
$currentUserId = api_get_user_id();
$userObj = api_get_user_entity($user_id);
UserManager::add_user_as_admin($userObj);
if ($user_id != $currentUserId) {
$userObj = api_get_user_entity($user_id);
if ($platform_admin == 1) {
$userObj = api_get_user_entity($user_id);
UserManager::add_user_as_admin($userObj);
} else {
UserManager::remove_user_admin($user_id);
UserManager::remove_user_admin($userObj);
}
}
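Review bot: On the promote branch, `UserManager::add_user_as_admin($userObj)` receives whatever `api_get_user_entity($user_id)` returned without any check, although `add_user_as_admin(User $user)` is type-hinted and `remove_user_admin` in this same commit guards with `if ($user)`. If the entity lookup can return null (its implementation is not visible here), the grant path would raise a TypeError while the revoke path silently does nothing. A guard right after the lookup, for example `if (!$userObj) { /* log and skip the role change */ }`, would make both branches behave the same. The `+`/`-` markers are lost on this page, so this assumes the single lookup inside `if ($user_id != $currentUserId)` is the new side.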

@ -5745,6 +5745,10 @@ class UserManager
return $icon_link;
}
/**
* Add the admin role to the given user
* @param User $user
*/
public static function add_user_as_admin(User $user)
{
$table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
@ -5762,15 +5766,21 @@ class UserManager
}
/**
* @param int $userId
* Remove the admin role from the given user
* @param User $user
*/
public static function remove_user_admin($userId)
public static function remove_user_admin($user)
{
$table_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
$userId = (int) $userId;
if (self::is_admin($userId)) {
$sql = "DELETE FROM $table_admin WHERE user_id = $userId";
Database::query($sql);
if ($user) {
$userId = $user->getId();
if (self::is_admin($userId)) {
$sql = "DELETE FROM $table_admin WHERE user_id = $userId";
Database::query($sql);
}
$user->removeRole('ROLE_SUPER_ADMIN');
self::getManager()->updateUser($user, true);
}
}
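Review bot: `remove_user_admin($user)` now expects a User entity but the new signature declares no type, so a caller that still passes an integer id gets past `if ($user)` and fails on `$user->getId()` before the DELETE runs, leaving the admin row in place. Declaring it as `public static function remove_user_admin(User $user)`, matching `add_user_as_admin` (or `?User $user` if null must stay accepted), would surface such callers immediately; whether any exist outside user_edit.php is not visible in this commit. The old `(int)` cast was also dropped while `$userId` is still interpolated into the SQL string, so `$userId = (int) $user->getId();` would keep the query safe whatever the entity returns.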
