From ce1530ea369b1c2799458a4a33c9d80e8475e7ea Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Sun, 14 Apr 2002 22:27:05 +0000 Subject: [PATCH] * Added access control checking to CtdlRenameRoom() --- citadel/ChangeLog | 4 ++++ citadel/room_ops.c | 13 ++++++++++++- citadel/room_ops.h | 3 ++- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/citadel/ChangeLog b/citadel/ChangeLog index 5de84d1fb..e579576a5 100644 --- a/citadel/ChangeLog +++ b/citadel/ChangeLog @@ -1,4 +1,7 @@ $Log$ + Revision 591.8 2002/04/14 22:27:05 ajc + * Added access control checking to CtdlRenameRoom() + Revision 591.7 2002/04/14 22:11:22 ajc * New back end function CtdlRenameRoom() which is used to rename a room and/or move it to a different floor. @@ -3596,3 +3599,4 @@ Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant Fri Jul 10 1998 Art Cancro * Initial CVS import + diff --git a/citadel/room_ops.c b/citadel/room_ops.c index 19a60e78d..a2e7db3b9 100644 --- a/citadel/room_ops.c +++ b/citadel/room_ops.c @@ -1041,6 +1041,12 @@ int CtdlRenameRoom(char *old_name, char *new_name, int new_floor) { ret = crr_room_not_found; } + else if ( (CC->usersupp.axlevel < 6) + && (CC->usersupp.usernum != qrbuf.QRroomaide) + && ( (((qrbuf.QRflags & QR_MAILBOX) == 0) || (atol(qrbuf.QRname) != CC->usersupp.usernum))) ) { + ret = crr_access_denied; + } + else if (is_noneditable(&qrbuf)) { ret = crr_noneditable; } @@ -1092,7 +1098,7 @@ void cmd_setr(char *args) int new_floor; char new_name[ROOMNAMELEN]; - if (CtdlAccessCheck(ac_room_aide)) return; + if (CtdlAccessCheck(ac_logged_in)) return; if (num_parms(args) >= 6) { new_floor = extract_int(args, 5); @@ -1128,6 +1134,11 @@ void cmd_setr(char *args) cprintf("%d Target floor does not exist.\n", ERROR + INVALID_FLOOR_OPERATION); } + else if (r == crr_access_denied) { + cprintf("%d You do not have permission to edit '%s'\n", + ERROR + HIGHER_ACCESS_REQUIRED, + CC->quickroom.QRname); + } else if (r != crr_ok) { cprintf("%d Error: CtdlRenameRoom() returned %d\n", ERROR, r); diff --git a/citadel/room_ops.h b/citadel/room_ops.h index 832a35f65..2ef7dae4f 100644 --- a/citadel/room_ops.h +++ b/citadel/room_ops.h @@ -62,5 +62,6 @@ enum { crr_room_not_found, /* room not found */ crr_already_exists, /* new name already exists */ crr_noneditable, /* cannot edit this room */ - crr_invalid_floor /* target floor does not exist */ + crr_invalid_floor, /* target floor does not exist */ + crr_access_denied /* not allowed to edit this room */ }; -- 2.39.2