From: Alexander Ebert
Date: Wed, 12 Jun 2013 19:32:49 +0000 (+0200)
Subject: Disabling 3rd party login for users with administrative access
X-Git-Tag: 2.0.0_Beta_4~54^2
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=45ecfc0d092104c4030a561e0734af004993d1ac;p=GitHub%2FWoltLab%2FWCF.git

Disabling 3rd party login for users with administrative access
---
diff --git a/com.woltlab.wcf/templates/accountManagement.tpl b/com.woltlab.wcf/templates/accountManagement.tpl
index 36ab61d132..1b33cedc31 100644
--- a/com.woltlab.wcf/templates/accountManagement.tpl
+++ b/com.woltlab.wcf/templates/accountManagement.tpl
@@ -222,7 +222,7 @@
- {else}
+ {else if !$__wcf->getUser()->hasAdministrativeAccess()}
 {if GITHUB_PUBLIC_KEY !== '' && GITHUB_PRIVATE_KEY !== ''}
{lang}wcf.user.3rdparty.github{/lang}
diff --git a/wcfsetup/install/files/lib/data/user/User.class.php b/wcfsetup/install/files/lib/data/user/User.class.php
index 15ce27767a..4abdc1f79c 100644
--- a/wcfsetup/install/files/lib/data/user/User.class.php
+++ b/wcfsetup/install/files/lib/data/user/User.class.php
@@ -37,6 +37,12 @@ final class User extends DatabaseObject implements IRouteController {
 */
 protected $groupIDs = null;

+ /**
+ * true, if user has access to the ACP
+ * @var boolean
+ */
+ protected $hasAdministrativePermissions = null;
+
 /**
 * list of language ids
 * @var array
@@ -400,4 +406,27 @@ final class User extends DatabaseObject implements IRouteController {
 public function canEdit() {
 return (WCF::getSession()->getPermission('admin.user.canEditUser') && UserGroup::isAccessibleGroup($this->getGroupIDs()));
 }
+
+ /**
+ * Returns true, if this user has access to the ACP.
+ *
+ * @return boolean
+ */
+ public function hasAdministrativeAccess() {
+ if ($this->hasAdministrativePermissions === null) {
+ $this->hasAdministrativePermissions = false;
+
+ if ($this->userID) {
+ foreach ($this->getGroupIDs() as $groupID) {
+ $group = UserGroup::getGroupByID($groupID);
+ if ($group->isAdminGroup()) {
+ $this->hasAdministrativePermissions = true;
+ break;
+ }
+ }
+ }
+ }
+
+ return $this->hasAdministrativePermissions;
+ }
 }
diff --git a/wcfsetup/install/files/lib/form/AccountManagementForm.class.php b/wcfsetup/install/files/lib/form/AccountManagementForm.class.php
index b1497895dd..4f8be9c1f2 100644
--- a/wcfsetup/install/files/lib/form/AccountManagementForm.class.php
+++ b/wcfsetup/install/files/lib/form/AccountManagementForm.class.php
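Review bot: In `hasAdministrativeAccess()` (User.class.php), `$group->isAdminGroup()` is called on whatever `UserGroup::getGroupByID($groupID)` returns, with no check that a group was actually found. That lookup is not visible in this diff; if it can return null for a stale group id, the call is a fatal error wherever the account form or its template evaluates this method. A guard such as `if ($group !== null && $group->isAdminGroup()) {` avoids that, but note that skipping an unresolvable group leaves the result at `false`, which re-enables third-party linking, so the fallback for that case should be a deliberate choice. The `@var boolean` docblock on `$hasAdministrativePermissions` should also state that the property is `null` until the first call computes it.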
@@ -158,14 +158,17 @@ class AccountManagementForm extends AbstractSecureForm {
 if (isset($_POST['username'])) $this->username = StringUtil::trim($_POST['username']);
 if (isset($_POST['quit'])) $this->quit = intval($_POST['quit']);
 if (isset($_POST['cancelQuit'])) $this->cancelQuit = intval($_POST['cancelQuit']);
- if (isset($_POST['githubConnect'])) $this->githubConnect = intval($_POST['githubConnect']);
 if (isset($_POST['githubDisconnect'])) $this->githubDisconnect = intval($_POST['githubDisconnect']);
- if (isset($_POST['twitterConnect'])) $this->twitterConnect = intval($_POST['twitterConnect']);
 if (isset($_POST['twitterDisconnect'])) $this->twitterDisconnect = intval($_POST['twitterDisconnect']);
- if (isset($_POST['facebookConnect'])) $this->facebookConnect = intval($_POST['facebookConnect']);
 if (isset($_POST['facebookDisconnect'])) $this->facebookDisconnect = intval($_POST['facebookDisconnect']);
- if (isset($_POST['googleConnect'])) $this->googleConnect = intval($_POST['googleConnect']);
 if (isset($_POST['googleDisconnect'])) $this->googleDisconnect = intval($_POST['googleDisconnect']);
+
+ if (!WCF::getUser()->hasAdministrativeAccess()) {
+ if (isset($_POST['facebookConnect'])) $this->facebookConnect = intval($_POST['facebookConnect']);
+ if (isset($_POST['githubConnect'])) $this->githubConnect = intval($_POST['githubConnect']);
+ if (isset($_POST['googleConnect'])) $this->googleConnect = intval($_POST['googleConnect']);
+ if (isset($_POST['twitterConnect'])) $this->twitterConnect = intval($_POST['twitterConnect']);
+ }
 }

 /**
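Review bot: The `hasAdministrativeAccess()` guard added here only stops an administrator from submitting the four `*Connect` parameters; it does nothing for an account that was linked to a provider before it joined an admin group. Nothing in this diff shows the provider login path rejecting such a user, so unless that check exists elsewhere, the restriction named in the commit subject is enforced only in the template and this form. I would apply the same `hasAdministrativeAccess()` test at the point where a provider identity is resolved to a local user. I would also document the intent above the new block, for example `// users with ACP access may disconnect but never connect a 3rd party account`. The enclosing method starts and ends outside the hunk.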