summaryrefslogtreecommitdiff
path: root/actions/editgroup.php
diff options
context:
space:
mode:
Diffstat (limited to 'actions/editgroup.php')
-rw-r--r--actions/editgroup.php19
1 files changed, 16 insertions, 3 deletions
diff --git a/actions/editgroup.php b/actions/editgroup.php
index 82b78cc5c..98ebcb87a 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -88,7 +88,12 @@ class EditgroupAction extends Action
return false;
}
- $this->group = User_group::staticGet('nickname', $nickname);
+ $groupid = $this->trimmed('groupid');
+ if ($groupid) {
+ $this->group = User_group::staticGet('id', $groupid);
+ } else {
+ $this->group = User_group::staticGet('nickname', $nickname);
+ }
if (!$this->group) {
$this->clientError(_('No such group'), 404);
@@ -97,7 +102,7 @@ class EditgroupAction extends Action
$cur = common_current_user();
- if (!$cur->isAdmin($group)) {
+ if (!$cur->isAdmin($this->group)) {
$this->clientError(_('You must be an admin to edit the group'), 403);
return false;
}
@@ -155,6 +160,13 @@ class EditgroupAction extends Action
function trySave()
{
+ $cur = common_current_user();
+ if (!$cur->isAdmin($this->group)) {
+ $this->clientError(_('You must be an admin to edit the group'), 403);
+ return;
+ }
+
+
$nickname = common_canonical_nickname($this->trimmed('nickname'));
$fullname = $this->trimmed('fullname');
$homepage = $this->trimmed('homepage');
@@ -222,4 +234,5 @@ class EditgroupAction extends Action
$group != false &&
$group->id != $this->group->id);
}
-} \ No newline at end of file
+}
+