Home Explore Help
Register Sign In
Omnimaga
/
SMF2.1
mirror of git@github.com:Omnimaga/SMF2.1.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Guest permission cleanup (fixes #906)

Signed-off-by: Michael Eshom <oldiesmann@oldiesmann.us>
Michael Eshom 11 years ago
parent
e1419d0101
commit
f1b23d1250
4 changed files with 182 additions and 40 deletions
Split View Show Diff Stats
  1. 41 40
      Sources/ManagePermissions.php
  2. 47 0
      other/upgrade_2-1_mysql.sql
  3. 47 0
      other/upgrade_2-1_postgresql.sql
  4. 47 0
      other/upgrade_2-1_sqlite.sql

+ 41 - 40
Sources/ManagePermissions.php
View File 

@@ -2240,59 +2240,60 @@ function loadIllegalGuestPermissions()
 
 	global $context;
 
 
 	$context['non_guest_permissions'] = array(
 
+		'access_mod_center',
 
+		'admin_forum',
 
+		'announce_topic',
 
+		'approve_posts',
 
+		'calendar_edit',
 
+		'delete',
 
 		'delete_replies',
 
+		'edit_news',
 
+		'issue_warning',
 
 		'karma_edit',
 
-		'poll_add_own',
 
+		'lock',
 
+		'make_sticky',
 
+		'manage_attachments',
 
+		'manage_bans',
 
+		'manage_boards',
 
+		'manage_membergroups',
 
+		'manage_permissions',
 
+		'manage_smileys',
 
+		'mark_any_notify',
 
+		'mark_notify',
 
+		'merge_any',
 
+		'moderate_board',
 
+		'moderate_forum',
 
+		'modify',
 
+		'modify_replies',
 
+		'move',
 
+		'pm_autosave_draft',
 
+		'pm_draft',
 
 		'pm_read',
 
 		'pm_send',
 
-		'profile_identity',
 
+		'poll_add',
 
+		'poll_edit',
 
+		'poll_lock',
 
+		'poll_remove',
 
+		'post_autosave_draft',
 
+		'post_draft',
 
+		'profile_blurb',
 
+		'profile_displayed_name',
 
 		'profile_extra',
 
-		'profile_signature',
 
 		'profile_forum',
 
+		'profile_identity',
 
 		'profile_other',
 
 		'profile_password',
 
-		'profile_title',
 
-		'profile_blurb',
 
-		'profile_displayed_name',
 
 		'profile_remove',
 
+		'profile_remote_avatar',
 
 		'profile_server_avatar',
 
+		'profile_signature',
 
+		'profile_title',
 
 		'profile_upload_avatar',
 
-		'profile_remote_avatar',
 
-		'mark_any_notify',
 
-		'mark_notify',
 
-		'admin_forum',
 
-		'manage_boards',
 
-		'manage_attachments',
 
-		'manage_smileys',
 
-		'edit_news',
 
-		'access_mod_center',
 
-		'moderate_forum',
 
-		'issue_warning',
 
-		'manage_membergroups',
 
-		'manage_permissions',
 
-		'manage_bans',
 
-		'move_own',
 
-		'modify_replies',
 
-		'send_mail',
 
-		'approve_posts',
 
-		'post_draft',
 
-		'post_autosave_draft',
 
-		'pm_draft',
 
-		'pm_autosave_draft',
 
+		'remove',
 
 		'report_any',
 
-		'make_sticky',
 
-		'merge_any',
 
+		'send_email_to_members',
 
+		'send_mail',
 
 		'split_any',
 
-		'lock_any',
 
-		'move_any',
 
-		'modify_any',
 
-		'remove_any',
 
-		'moderate_board',
 
-		'poll_add_any',
 
-		'poll_edit_any',
 
-		'poll_lock_any',
 
-		'poll_remove_any',
 
-		'announce_topic'
 
 	);
 
 
 	call_integration_hook('integrate_load_illegal_guest_permissions');

+ 47 - 0
other/upgrade_2-1_mysql.sql
View File 

@@ -772,4 +772,51 @@ ADD COLUMN in_inbox tinyint(3) NOT NULL default '1';
 
 ---# Adding "modified_reason" column to messages
 
 ALTER TABLE {$db_prefix}messages
 
 ADD COLUMN modified_reason varchar(255) NOT NULL;
 
+---#
 
+
 
+/******************************************************************************/
 
+--- Cleaning up guest permissions
 
+/******************************************************************************/
 
+---# Removing permissions guests can no longer have...
 
+---{
 
+	$illegal_board_permissions = array(
 
+		'announce_topic',
 
+		'delete_any',
 
+		'lock_any',
 
+		'make_sticky',
 
+		'merge_any',
 
+		'modify_any',
 
+		'modify_replies',
 
+		'move_any',
 
+		'poll_add_any',
 
+		'poll_edit_any',
 
+		'poll_lock_any',
 
+		'poll_remove_any',
 
+		'remove_any',
 
+		'report_any',
 
+		'split_any'
 
+	);
 
+
 
+	$illegal_permissions = array('calendar_edit_any', 'moderate_board', 'moderate_forum', 'send_email_to_members');
 
+
 
+	$smcFunc['db_query']('', '
 
+		DELETE FROM {db_prefix}board_permissions
 
+		WHERE id_group = {int:guests}
 
+		AND permission IN ({array_string:illegal_board_perms})',
 
+		array(
 
+			'guests' => -1,
 
+			'illegal_board_perms' => $illegal_board_permissions,
 
+		)
 
+	);
 
+
 
+	$smcFunc['db_query']('', '
 
+		DELETE FROM {db_prefix}permissions
 
+		WHERE id_group = {int:guests}
 
+		AND permission IN ({array_string:illegal_perms}',
 
+		array(
 
+			'guests' => -1,
 
+			'illegal_perms' => $illegal_permissions,
 
+		)
 
+	);
 
+---}
 
 ---#

+ 47 - 0
other/upgrade_2-1_postgresql.sql
View File 

@@ -851,4 +851,51 @@ ADD COLUMN in_inbox smallint NOT NULL default '1';
 
 ---# Adding "modified_reason" column to messages
 
 ALTER TABLE {$db_prefix}messages
 
 ADD COLUMN modified_reason varchar(255) NOT NULL default '';
 
+---#
 
+
 
+/******************************************************************************/
 
+--- Cleaning up guest permissions
 
+/******************************************************************************/
 
+---# Removing permissions guests can no longer have...
 
+---{
 
+	$illegal_board_permissions = array(
 
+		'announce_topic',
 
+		'delete_any',
 
+		'lock_any',
 
+		'make_sticky',
 
+		'merge_any',
 
+		'modify_any',
 
+		'modify_replies',
 
+		'move_any',
 
+		'poll_add_any',
 
+		'poll_edit_any',
 
+		'poll_lock_any',
 
+		'poll_remove_any',
 
+		'remove_any',
 
+		'report_any',
 
+		'split_any'
 
+	);
 
+
 
+	$illegal_permissions = array('calendar_edit_any', 'moderate_board', 'moderate_forum', 'send_email_to_members');
 
+
 
+	$smcFunc['db_query']('', '
 
+		DELETE FROM {db_prefix}board_permissions
 
+		WHERE id_group = {int:guests}
 
+		AND permission IN ({array_string:illegal_board_perms})',
 
+		array(
 
+			'guests' => -1,
 
+			'illegal_board_perms' => $illegal_board_permissions,
 
+		)
 
+	);
 
+
 
+	$smcFunc['db_query']('', '
 
+		DELETE FROM {db_prefix}permissions
 
+		WHERE id_group = {int:guests}
 
+		AND permission IN ({array_string:illegal_perms}',
 
+		array(
 
+			'guests' => -1,
 
+			'illegal_perms' => $illegal_permissions,
 
+		)
 
+	);
 
+---}
 
 ---#

+ 47 - 0
other/upgrade_2-1_sqlite.sql
View File 

@@ -828,4 +828,51 @@ ADD COLUMN in_inbox tinyint(3) NOT NULL default '1';
 
 ---# Adding "modified_reason" column to messages
 
 ALTER TABLE {$db_prefix}messages
 
 ADD COLUMN modified_reason varchar(255) NOT NULL default '';
 
+---#
 
+
 
+/******************************************************************************/
 
+--- Cleaning up guest permissions
 
+/******************************************************************************/
 
+---# Removing permissions guests can no longer have...
 
+---{
 
+	$illegal_board_permissions = array(
 
+		'announce_topic',
 
+		'delete_any',
 
+		'lock_any',
 
+		'make_sticky',
 
+		'merge_any',
 
+		'modify_any',
 
+		'modify_replies',
 
+		'move_any',
 
+		'poll_add_any',
 
+		'poll_edit_any',
 
+		'poll_lock_any',
 
+		'poll_remove_any',
 
+		'remove_any',
 
+		'report_any',
 
+		'split_any'
 
+	);
 
+
 
+	$illegal_permissions = array('calendar_edit_any', 'moderate_board', 'moderate_forum', 'send_email_to_members');
 
+
 
+	$smcFunc['db_query']('', '
 
+		DELETE FROM {db_prefix}board_permissions
 
+		WHERE id_group = {int:guests}
 
+		AND permission IN ({array_string:illegal_board_perms})',
 
+		array(
 
+			'guests' => -1,
 
+			'illegal_board_perms' => $illegal_board_permissions,
 
+		)
 
+	);
 
+
 
+	$smcFunc['db_query']('', '
 
+		DELETE FROM {db_prefix}permissions
 
+		WHERE id_group = {int:guests}
 
+		AND permission IN ({array_string:illegal_perms}',
 
+		array(
 
+			'guests' => -1,
 
+			'illegal_perms' => $illegal_permissions,
 
+		)
 
+	);
 
+---}
 
 ---#