nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-02-21 04:43:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow users to delete their own relationships, not just admins.

Browse Source
This commit is contained in:
Andrew McMillan 2008-05-07 21:05:06 +12:00
parent 274469105c
commit fe2b6d2352
1 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
inc/RSCDSUser.php
View File

@ -272,6 +272,31 @@ EOSQL;
}
/**
* Extend parent definition of what the current user is allowed to do
* @param string $whatever What the user wants to do
* @return boolean Whether they are allowed to.
*/
function AllowedTo ( $whatever )
{
global $session;
$rc = false;
switch( strtolower($whatever) ) {
case 'deleterelationship':
$rc = ( $session->AllowedTo("Admin")
|| ($this->user_no > 0 && $session->user_no == $this->user_no) );
break;
default:
$rc = parent::AllowedTo( $whatever );
}
return $rc;
}
/**
* Handle any unusual actions we might invent
*/
@ -283,7 +308,7 @@ EOSQL;
switch( $action ) {
case 'delete_relationship':
dbg_error_log("User",":HandleAction: Deleting relationship to %d from %d", $this->user_no, $_GET['from_user'] );
if ( $this->AllowedTo("Admin") ) {
if ( $this->AllowedTo("DeleteRelationship") ) {
dbg_error_log("User",":HandleAction: Deleting relationship to %d from %d", $this->user_no, $_GET['from_user'] );
$qry = new PgQuery("DELETE FROM relationship WHERE to_user=? AND from_user=?;", $this->user_no, $_GET['from_user'] );
if ( $qry->Exec() ) {