front end fix for 31456: Editing a superuser clears their access flags

patch by jmrobin@tgix.com

front end fix for 31456: Editing a superuser clears their access flags
ee4d3250 · cyeh%bluemartini.com · 39166470 · ee4d3250 · ee4d3250
Commit ee4d3250 authored Sep 16, 2000 by cyeh%bluemartini.com
Show whitespace changes
Inline Side-by-side

Showing with 10 additions and 0 deletions

editusers.cgi editusers.cgi +6 -0

globals.pl globals.pl +4 -0

No files found.
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -746,6 +746,11 @@ if ($action eq 'update') {
        SendSQL("SELECT groupset FROM profiles WHERE login_name=" .
                SqlQuote($userold));
        $groupsetold = FetchOneColumn();
+        # Updated, 5/7/00, Joe Robins
+        # We don't want to change the groupset of a superuser.
+        if($groupsetold eq $::superusergroupset) {
+          print "Cannot change permissions of superuser.\n";
+        } else {
           SendSQL("UPDATE profiles
                    SET groupset =
                         groupset - (groupset & $opblessgroupset) + $groupset
@@ -768,6 +773,7 @@ if ($action eq 'update') {
           }
 	   print "Updated permissions.\n";
       }
+    }

    if ($editall && $blessgroupset ne $blessgroupsetold) {
        SendSQL("UPDATE profiles

--- a/globals.pl
+++ b/globals.pl
@@ -77,6 +77,10 @@ $::defaultqueryname = "(Default query)";
 $::unconfirmedstate = "UNCONFIRMED";
 $::dbwritesallowed = 1;

+# Adding a global variable for the value of the superuser groupset.
+# Joe Robins, 7/5/00
+$::superusergroupset = "9223372036854775807";
+
 sub ConnectToDatabase {
    my ($useshadow) = (@_);
    if (!defined $::db) {