gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-10-05 07:32:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check for access on RemoveUser

Browse Source
This commit is contained in:
Uwe Steinmann 2016-04-13 08:51:57 +02:00
parent 46602c744b
commit 46b36ba7e5
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
views/bootstrap/class.UserList.php
View File

@ -106,7 +106,8 @@ class SeedDMS_View_UserList extends SeedDMS_Bootstrap_Style {
echo "</td>";
echo "<td>";
echo "<div class=\"list-action\">";
echo "<a href=\"../out/out.UsrMgr.php?userid=".$currUser->getID()."\"><i class=\"icon-edit\"></i></a> ";
echo "<a href=\"../out/out.UsrMgr.php?userid=".$currUser->getID()."\"><i class=\"icon-edit\"></i></a> ";
if ($this->check_access('RemoveUser'))
echo "<a href=\"../out/out.RemoveUser.php?userid=".$currUser->getID()."\"><i class=\"icon-remove\"></i></a>";
echo "</div>";
echo "</td>";

2
views/bootstrap/class.UsrMgr.php
View File

@ -185,7 +185,7 @@ $(document).ready( function() {
?>
<table class="table-condensed">
<?php
if($currUser && !in_array($currUser->getID(), $undeluserids)) {
if($currUser && !in_array($currUser->getID(), $undeluserids) && $this->check_access('RemoveUser')) {
?>
<tr>
<td></td>