coderkun/questlab
1
0
Fork 0
Code Issues 15 Pull requests Projects Releases Wiki Activity

do not check Questgroup and Quest permissions for Seminary-admins and -moderators

Browse source
This commit is contained in:
coderkun 2014-04-18 18:34:53 +02:00
commit 5a0e1193ec
4 changed files with 56 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

15
controllers/QuestgroupsController.inc
View file

@ -71,10 +71,13 @@
$character = $this->Characters->getCharacterForUserAndSeminary($this->Auth->getUserId(), $seminary['id']);
// Check permission
$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
if(!is_null($previousQuestgroup)) {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
throw new \nre\exceptions\AccessDeniedException();
if(count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{
$previousQuestgroup = $this->Questgroups->getPreviousQuestgroup($questgroup['id']);
if(!is_null($previousQuestgroup)) {
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($previousQuestgroup['id'], $character['id'])) {
throw new \nre\exceptions\AccessDeniedException();
}
}
}
@ -92,7 +95,7 @@
foreach($hierarchy['questgroups'] as $i => &$group)
{
// Check permission of Questgroups
if($i >= 1)
if($i >= 1 && count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) == 0)
{
if(!$this->Questgroups->hasCharacterSolvedQuestgroup($hierarchy['questgroups'][$i-1]['id'], $character['id']))
{
@ -163,7 +166,7 @@
$quests[] = $currentQuest;
}
}
while(!is_null($currentQuest) && $currentQuest['solved']);
while(!is_null($currentQuest) && ($currentQuest['solved'] || count(array_intersect(array('admin','moderator'), IntermediateController::$user['seminaryroles'])) > 0));
}