author | Evan Prodromou <evan@controlyourself.ca> | 2009-01-21 10:20:13 -0500 |
---|---|---|
committer | Evan Prodromou <evan@controlyourself.ca> | 2009-01-21 10:20:13 -0500 |
commit | dcf973ab46f8e56ffbcf2b8112d9290b71c3c0d5 (patch) | |
tree | afea6d2cb0c1b73228fd17102f5ebc59cc845c3c | |
parent | 57a9e33b3ca034e4c52ab2e858103d792f9fd5af (diff) |
fix edit group prepare, check for admin
-rw-r--r-- | actions/editgroup.php | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/actions/editgroup.php b/actions/editgroup.php
index e0d4c0d03..82b78cc5c 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -72,9 +72,7 @@ class EditgroupAction extends Action
 return false;
 }
- return true;
-
- $nickname_arg = $this->arg('nickname');
+ $nickname_arg = $this->trimmed('nickname');
 $nickname = common_canonical_nickname($nickname_arg);
 // Permanent redirect on non-canonical nickname
@@ -97,6 +95,13 @@ class EditgroupAction extends Action
 return false;
 }
+ $cur = common_current_user();
+
+ if (!$cur->isAdmin($group)) {
+ $this->clientError(_('You must be an admin to edit the group'), 403);
+ return false;
+ }
+
 return true;
 } |
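Review bot: In the second hunk, `$cur->isAdmin($group)` is called on the result of `common_current_user()` without checking that a user was returned, so the new authorization gate depends on an earlier login guard that is not visible here. prepare() begins above both hunks; if no such guard runs before this point, an anonymous request would presumably hit a fatal error on a null `$cur` instead of the intended 403. Making the check self-contained keeps it failing closed if the earlier guards are reordered or removed: `if (empty($cur) || !$cur->isAdmin($group)) {`. A one-line comment such as `// Only group admins may edit; enforced in prepare() so it covers both the form display and the submit` would also record why the check lives here.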