external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow only Trusted Users, Developers, and Maintainers to unflag packages

Browse source 
Currently everyone is allowed to unflag a package as out of date. This should
be limited to only the appropriate people for a specific package.

Fixes FS#27263

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
canyonknight 2012-08-09 21:15:50 -04:00 committed by Lukas Fleischer
parent 44d8588b63
commit e8cd6abc6e
3 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
web/lib/pkgfuncs.inc.php
View file

@ -728,6 +728,10 @@ function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) {
}
$q.= " WHERE ID IN (" . implode(",", $ids) . ")";
if (!$action && ($atype != "Trusted User" && $atype != "Developer")) {
$q.= "AND MaintainerUID = " . uid_from_sid($_COOKIE["AURSID"], $dbh);
}
db_query($q, $dbh);
if ($action) {