Diffstat (limited to 'actions/editgroup.php')
-rw-r--r-- | actions/editgroup.php | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/actions/editgroup.php b/actions/editgroup.php
index 82b78cc5c..98ebcb87a 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -88,7 +88,12 @@ class EditgroupAction extends Action
 return false;
 }
- $this->group = User_group::staticGet('nickname', $nickname);
+ $groupid = $this->trimmed('groupid');
+ if ($groupid) {
+ $this->group = User_group::staticGet('id', $groupid);
+ } else {
+ $this->group = User_group::staticGet('nickname', $nickname);
+ }
 if (!$this->group) {
 $this->clientError(_('No such group'), 404);
@@ -97,7 +102,7 @@ class EditgroupAction extends Action
 $cur = common_current_user();
- if (!$cur->isAdmin($group)) {
+ if (!$cur->isAdmin($this->group)) {
 $this->clientError(_('You must be an admin to edit the group'), 403);
 return false;
 }
@@ -155,6 +160,13 @@ class EditgroupAction extends Action
 function trySave()
 {
+ $cur = common_current_user();
+ if (!$cur->isAdmin($this->group)) {
+ $this->clientError(_('You must be an admin to edit the group'), 403);
+ return;
+ }
+
+
 $nickname = common_canonical_nickname($this->trimmed('nickname'));
 $fullname = $this->trimmed('fullname');
 $homepage = $this->trimmed('homepage');
@@ -222,4 +234,5 @@ class EditgroupAction extends Action
 $group != false && $group->id != $this->group->id);
 }
-}
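Review bot: The new `groupid` request parameter is passed to `User_group::staticGet('id', $groupid)` without any check that it is numeric, and when it is present the `nickname` handled above the hunk no longer decides which group is loaded. Because the admin check that follows is made against whichever group this lookup returns, constraining the input is cheap hardening, e.g. `$groupid = (int) $this->trimmed('groupid');`. A comment such as `// Prefer the id posted by the form so the group is still found when its nickname is being changed` would record why the id takes precedence; that rationale is inferred from the trySave() hunk, so confirm it first. The enclosing method starts and ends outside the hunk.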
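Review bot: `$cur->isAdmin($this->group)` is called on the result of `common_current_user()` without a null guard, both in this hunk and in the check added at the top of trySave() in the next hunk; presumably that function returns null for an anonymous request. Unless a logged-in test earlier in the method (outside the hunk) guarantees a user, `if (!$cur || !$cur->isAdmin($this->group)) {` fails closed with the 403 rather than with a fatal error. The same authorization check now exists in two places, so a small private helper called from both would keep the two paths from drifting apart.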
\ No newline at end of file
+}
+ |