front end fix for 31456: Editing a superuser clears their access flags

patch by jmrobin@tgix.com

diff --git a/editusers.cgi b/editusers.cgi
index 3af80a86aaed8ebe30c0b5681e99d52a772f0f96..e5784c8db848c62179476ad29c34d330b4e0554f 100755 (executable)
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -746,27 +746,33 @@ if ($action eq 'update') {
         SendSQL("SELECT groupset FROM profiles WHERE login_name=" .
                 SqlQuote($userold));
         $groupsetold = FetchOneColumn();
-        SendSQL("UPDATE profiles
-                SET groupset = 
+        # Updated, 5/7/00, Joe Robins
+        # We don't want to change the groupset of a superuser.
+        if($groupsetold eq $::superusergroupset) {
+          print "Cannot change permissions of superuser.\n";
+        } else {
+           SendSQL("UPDATE profiles
+                    SET groupset =
                          groupset - (groupset & $opblessgroupset) + $groupset
-                WHERE login_name=" . SqlQuote($userold));
-
-        # I'm paranoid that someone who I give the ability to bless people
-        # will start misusing it.  Let's log who blesses who (even though
-        # nothing actually uses this log right now).
-        my $fieldid = GetFieldID("groupset");
-        SendSQL("SELECT userid, groupset FROM profiles WHERE login_name=" .
-                SqlQuote($userold));
-        my $u;
-        ($u, $groupset) = (FetchSQLData());
-        if ($groupset ne $groupsetold) {
-            SendSQL("INSERT INTO profiles_activity " .
-                    "(userid,who,profiles_when,fieldid,oldvalue,newvalue) " .
-                    "VALUES " .
-                    "($u, $::userid, now(), $fieldid, " .
-                    " $groupsetold, $groupset)");
-        }
-       print "Updated permissions.\n";
+                    WHERE login_name=" . SqlQuote($userold));
+
+           # I'm paranoid that someone who I give the ability to bless people
+           # will start misusing it.  Let's log who blesses who (even though
+           # nothing actually uses this log right now).
+           my $fieldid = GetFieldID("groupset");
+           SendSQL("SELECT userid, groupset FROM profiles WHERE login_name=" .
+                   SqlQuote($userold));
+           my $u;
+           ($u, $groupset) = (FetchSQLData());
+           if ($groupset ne $groupsetold) {
+               SendSQL("INSERT INTO profiles_activity " .
+                       "(userid,who,profiles_when,fieldid,oldvalue,newvalue) " .
+                       "VALUES " .
+                       "($u, $::userid, now(), $fieldid, " .
+                       " $groupsetold, $groupset)");
+           }
+          print "Updated permissions.\n";
+       }
     }
 
     if ($editall && $blessgroupset ne $blessgroupsetold) {

diff --git a/globals.pl b/globals.pl
index d8d1bc142988a306e10780809458bd7b3151c39e..e1dab238dd0aad7e498953175031e68144fc59cb 100644 (file)
--- a/globals.pl
+++ b/globals.pl
@@ -77,6 +77,10 @@ $::defaultqueryname = "(Default query)";
 $::unconfirmedstate = "UNCONFIRMED";
 $::dbwritesallowed = 1;
 
+# Adding a global variable for the value of the superuser groupset.
+# Joe Robins, 7/5/00
+$::superusergroupset = "9223372036854775807";
+
 sub ConnectToDatabase {
     my ($useshadow) = (@_);
     if (!defined $::db) {