1
MS-2001
kernel\user.php -> isAdmin()
  • 2005/3/30 13:52

  • MS-2001

  • Quite a regular

  • Posts: 204

  • Since: 2004/7/27


Hi there,

I've got a problem with the following function:

function isAdmin$module_id null ) {
        if ( 
is_null$module_id ) ) {
            
$module_id = isset($GLOBALS['xoopsModule']) ? $GLOBALS['xoopsModule']->getVar'mid''n' ) : 1;
        } elseif ( 
intval($module_id) < ) {
            
$module_id 0;
        }
        
$moduleperm_handler =& xoops_gethandler('groupperm');
        return 
$moduleperm_handler->checkRight('module_admin'$module_id$this->getGroups());
    }


Now I've got several groups (e.g. Newsadmins: Module-Admin-Right for the Newsmodul, nothing else; Forumadmins: Module-Admin-Right for the Forum, nothing else). But they can't open the admin.php because the "don't have the permission to show this area". But that's not true. They've got Adminrights for "one" of my modules (or more). So why can't they open this file?

Is there an update (I've got 2.0.7.3 I think) or somekind of a hack??

Thanks for you help.

2
MS-2001
Re: kernel\user.php -> isAdmin()
  • 2005/3/31 14:28

  • MS-2001

  • Quite a regular

  • Posts: 204

  • Since: 2004/7/27


No idea?

3
Mithrandir
Re: kernel\user.php -> isAdmin()

I can't say why right at this moment, but for some reason (that will deffo be changed in XOOPS 2.1) module admins need at least one system administration privilege to get access to the module administration. I usually give them "find users" since they can't mess up much with that privilege only.

4
rowdie
Re: kernel\user.php -> isAdmin()
  • 2005/3/31 15:58

  • rowdie

  • Just can't stay away

  • Posts: 846

  • Since: 2004/7/21


I once tested this and found that the behaviour had been changed for 2.0.9.x.

For 2.0.7.3 you need to give a system administration privilege for the is_admin to be true. For later versions it doesn't matter if the user has system admin priveleges, they won't see an administration link unless they have admin priviliges for the current module.

It was really frustrating at the time because the administration link would only appear when the user was viewing a module that they have admin privileges for. So if they had privileges for a module that wasn't currently visible from the main site, they had to use the url to get there. Giving them a system admin privilege made no difference

This is going from how I remember it (my memory isn't all that great on details), I haven't looked at permissions in a while and don't really know what the current situation is. It's good news that it will be looked at for version 2.1/2.2 though.

5
MS-2001
Re: kernel\user.php -> isAdmin()
  • 2005/4/1 17:42

  • MS-2001

  • Quite a regular

  • Posts: 204

  • Since: 2004/7/27


is there a way to rewrite the isAdmin function so the bug is fixed because i dont want to give them sys-admin-rights...

6
MS-2001
Re: kernel\user.php -> isAdmin()
  • 2005/4/5 14:43

  • MS-2001

  • Quite a regular

  • Posts: 204

  • Since: 2004/7/27


hello?

7
Mithrandir
Re: kernel\user.php -> isAdmin()

modules/system/blocks/system_blocks.php, line 160:

$block['lang_adminmenu'] = _MB_SYSTEM_ADMENU//existing
$block['admin'] = $xoopsUser->isAdmin(0); //add this line
return $block//existing line


modules/system/templates/blocks/system_block_user.html, line 14:
change
<{if $xoops_isadmin}>


to

<{if $block.admin}>


Then update the system module through modules admin

8
MS-2001
Re: kernel\user.php -> isAdmin()
  • 2005/4/7 16:07

  • MS-2001

  • Quite a regular

  • Posts: 204

  • Since: 2004/7/27


ok. i did it like that:

1.) system_blocks.php, function: b_system_user_show()
i added the following lines:
if ($xoopsUser->isAdmin(0)) {
$block['isAdmin'] = true;


2.) tpls -> system -> system_block_user.html
i changed
<{if $xoosp_isadmin}>


to

<{if $block.isAdmin}>


Now the users with some mod-admin-rights can see the adminbutton but they cant enter the adminmenu because of missing access rights.

so i opened admin.php in my root dir an changed
if ( !$xoopsUser->isAdmin() ) {  // line 36


to

if ( !$xoopsUser->isAdmin(0) ) {


Is it ok or are there any security-reasons for why i shouldn't do that?

9
MS-2001
Re: kernel\user.php -> isAdmin()
  • 2005/4/9 11:45

  • MS-2001

  • Quite a regular

  • Posts: 204

  • Since: 2004/7/27


I just need a "yes" or a "no"

10
Mithrandir
Re: kernel\user.php -> isAdmin()

should be fine

Login

Who's Online

225 user(s) are online (110 user(s) are browsing Support Forums)


Members: 0


Guests: 225


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Oct 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits