[pLog-svn] r6569 - plog/branches/lifetype-1.2/class/action/admin
Jon Daley
plogworld at jon.limedaley.com
Wed Jun 18 09:59:55 EDT 2008
Right, I know we need to let him update the post he just added,
but what about other posts - I expect he can edit other posts, and the
permission system would normally prevent him from doing that, but I think
he can bypass it by using the draft update. Is that incorrect?
On Wed, 18 Jun 2008, mark at devel.lifetype.net wrote:
> Author: mark
> Date: 2008-06-18 03:45:07 -0400 (Wed, 18 Jun 2008)
> New Revision: 6569
>
> Modified:
> plog/branches/lifetype-1.2/class/action/admin/adminsavedraftarticleajaxaction.class.php
> Log:
> Yes, we should let user update his draft post, or this function is useless.
>
> Modified: plog/branches/lifetype-1.2/class/action/admin/adminsavedraftarticleajaxaction.class.php
> ===================================================================
> --- plog/branches/lifetype-1.2/class/action/admin/adminsavedraftarticleajaxaction.class.php 2008-06-18 07:43:49 UTC (rev 6568)
> +++ plog/branches/lifetype-1.2/class/action/admin/adminsavedraftarticleajaxaction.class.php 2008-06-18 07:45:07 UTC (rev 6569)
> @@ -53,8 +53,6 @@
> // in case the post is already in the db
> if( $this->_postId != "" ) {
> $article->setId( $this->_postId );
> - // TODO: can a user without the update_post permission
> - // update using the savedraft method?
> $postSavedOk = $articles->updateArticle( $article );
>
> if( $postSavedOk )
> @@ -86,4 +84,4 @@
> return true;
> }
> }
> -?>
> \ No newline at end of file
> +?>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://limedaley.com/mailman/listinfo/plog-svn
>
--
Jon Daley
http://jon.limedaley.com
~~
Common sense is the collection of prejudices acquired by age 18.
-- Albert Einstein
More information about the pLog-svn
mailing list