[xoops-cvslog 2150] CVS update: xoops2jp/html/modules/base/class

Back to archive index

Minahito minah****@users*****
2006年 2月 3日 (金) 15:03:24 JST


Index: xoops2jp/html/modules/base/class/Legacy_AdminModuleController.class.php
diff -u xoops2jp/html/modules/base/class/Legacy_AdminModuleController.class.php:1.1.2.10 xoops2jp/html/modules/base/class/Legacy_AdminModuleController.class.php:1.1.2.11
--- xoops2jp/html/modules/base/class/Legacy_AdminModuleController.class.php:1.1.2.10	Fri Feb  3 02:00:14 2006
+++ xoops2jp/html/modules/base/class/Legacy_AdminModuleController.class.php	Fri Feb  3 15:03:24 2006
@@ -1,5 +1,5 @@
 <?php
-// $Id: Legacy_AdminModuleController.class.php,v 1.1.2.10 2006/02/02 17:00:14 minahito Exp $
+// $Id: Legacy_AdminModuleController.class.php,v 1.1.2.11 2006/02/03 06:03:24 minahito Exp $
 //  ------------------------------------------------------------------------ //
 //              XOOPSCube - PHP Content Management System                    //
 //                  Copyright (c) 2005 XOOPSCube.org                         //
@@ -72,6 +72,14 @@
 	}
 	
 	/**
+	 *  Check current user's permission, return boolean as its result. If current
+	 * module's dirname is Base or System, check whether current user has one of
+	 * the permissions of administrator.
+	 *
+	 *  The check of this method is loose for Base module and System module only.
+	 * But, In Base module's controller, system must check his permission strictly.
+	 *
+	 * @access public
 	 * @todo This method re-writes $GLOBAL['xoopsUserIsAdmin']! Wmm...
 	 * @return bool
 	 */
@@ -82,17 +90,22 @@
 		//
 		// The guest user is never administrator.
 		//
-		if(!is_object($xoopsUser))
+		if (!is_object($xoopsUser))
 			return false;
-		
 
-		$xoopsModule=&$this->mModuleObject;
+		//
+		// Decide $mid as a argument for checkRight() by current module's dirname.
+		//
+		$mid = 0;
+		if ($this->mModuleObject->get('dirname') == 'base' || $this->mModuleObject->get('dirname') == 'system') {
+			$mid = -1;
+		}
+		else {
+			$mid = $this->mModuleObject->get('mid');
+		}
+		
         $modPermHandler =& xoops_gethandler('groupperm');
-
-		if (!$modPermHandler->checkRight('module_admin', $xoopsModule->getVar('mid'), $xoopsUser->getGroups()))
-			return false;
-
-		return true;
+		return $modPermHandler->checkRight('module_admin', $mid, $xoopsUser->getGroups());
 	}
 
 	/**


xoops-cvslog メーリングリストの案内
Back to archive index