BUGFIX: Don't let non ADMINs with permission-editing rights assign themselves ADMIN permissions. (from r89805) (from r96718)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102341 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-04-12 01:47:48 +00:00
parent 19911cd241
commit 920f0aaa1a

View File

@ -489,7 +489,7 @@ class Permission extends DataObject {
'help' => null,
'sort' => 100000
);
if($classes) foreach($classes as $class) {
$SNG = singleton($class);
if($SNG instanceof TestOnly) continue;
@ -533,6 +533,9 @@ class Permission extends DataObject {
'sort' => 0
);
}
// Don't let people hijack ADMIN rights
if(!Permission::check("ADMIN")) unset($allCodes['ADMIN']);
ksort($allCodes);