Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F859935
D282.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Tue, Apr 29, 7:30 PM
Size
4 KB
Mime Type
text/x-diff
Expires
Wed, Apr 30, 7:30 PM (2 h, 45 m)
Engine
blob
Format
Raw Data
Handle
611657
Attached To
D282: INP-1665 - Add/use "kApplication::permissionCheckingDisabled" method
D282.diff
View Options
Index: branches/5.2.x/core/kernel/application.php
===================================================================
--- branches/5.2.x/core/kernel/application.php
+++ branches/5.2.x/core/kernel/application.php
@@ -2561,6 +2561,22 @@
}
/**
+ * Determines if access permissions should not be checked.
+ *
+ * @param integer|null $user_id User ID.
+ *
+ * @return boolean
+ */
+ public function permissionCheckingDisabled($user_id = null)
+ {
+ if ( !isset($user_id) ) {
+ $user_id = $this->RecallVar('user_id');
+ }
+
+ return $user_id == USER_ROOT;
+ }
+
+ /**
* Check current user permissions based on it's group permissions in specified category
*
* @param string $name permission name
Index: branches/5.2.x/core/kernel/db/db_event_handler.php
===================================================================
--- branches/5.2.x/core/kernel/db/db_event_handler.php
+++ branches/5.2.x/core/kernel/db/db_event_handler.php
@@ -558,19 +558,19 @@
$event->setEventParam('top_prefix', $this->Application->GetTopmostPrefix($event->Prefix, true));
$status_checked = false;
- if ( $user_id == USER_ROOT || $this->CheckPermission($event) ) {
- // don't autoload item, when user doesn't have view permission
+ if ( $this->Application->permissionCheckingDisabled($user_id) || $this->CheckPermission($event) ) {
+ // Don't autoload item, when user doesn't have view permission.
$this->LoadItem($event);
$status_checked = true;
$editing_mode = defined('EDITING_MODE') ? EDITING_MODE : false;
$id_from_request = $event->getEventParam(kEvent::FLAG_ID_FROM_REQUEST);
- if ( $user_id != USER_ROOT
+ if ( !$this->Application->permissionCheckingDisabled($user_id)
&& !$this->Application->isAdmin
&& !($editing_mode || ($id_from_request ? $this->checkItemStatus($event) : true))
) {
- // non-root user AND on front-end AND (not editing mode || incorrect status)
+ // Permissions are being checked AND on Front-End AND (not editing mode || incorrect status).
$perm_status = false;
}
}
Index: branches/5.2.x/core/kernel/managers/request_manager.php
===================================================================
--- branches/5.2.x/core/kernel/managers/request_manager.php
+++ branches/5.2.x/core/kernel/managers/request_manager.php
@@ -156,7 +156,7 @@
/** @var kEventHandler $event_handler */
$event_handler = $this->Application->recallObject($event->Prefix . '_EventHandler');
- if ( ($this->Application->RecallVar('user_id') == USER_ROOT) || $event_handler->CheckPermission($event) ) {
+ if ( $this->Application->permissionCheckingDisabled() || $event_handler->CheckPermission($event) ) {
$this->Application->HandleEvent($event);
$this->Application->notifyEventSubscribers($event);
}
@@ -481,4 +481,4 @@
$opener_stack->push($template, $params, $index_file);
$opener_stack->save();
}
-}
\ No newline at end of file
+}
Index: branches/5.2.x/core/units/helpers/permissions_helper.php
===================================================================
--- branches/5.2.x/core/units/helpers/permissions_helper.php
+++ branches/5.2.x/core/units/helpers/permissions_helper.php
@@ -585,8 +585,7 @@
{
$user_id = (int)$user_id;
- if ( $user_id == USER_ROOT ) {
- // "root" is allowed anywhere
+ if ( $this->Application->permissionCheckingDisabled($user_id) ) {
return substr($name, -5) == '.deny' || $name == 'SYSTEM_ACCESS.READONLY' ? 0 : 1;
}
@@ -845,4 +844,4 @@
return 0;
}
- }
\ No newline at end of file
+ }
Index: branches/5.2.x/core/units/helpers/upload_helper.php
===================================================================
--- branches/5.2.x/core/units/helpers/upload_helper.php
+++ branches/5.2.x/core/units/helpers/upload_helper.php
@@ -140,7 +140,7 @@
/** @var Session $admin_session */
$admin_session = $this->Application->recallObject('Session.admin');
- if ( $admin_session->RecallVar('user_id') == USER_ROOT ) {
+ if ( $this->Application->permissionCheckingDisabled($admin_session->RecallVar('user_id')) ) {
return true;
}
Event Timeline
Log In to Comment