From dcf973ab46f8e56ffbcf2b8112d9290b71c3c0d5 Mon Sep 17 00:00:00 2001
From: Evan Prodromou
Date: Wed, 21 Jan 2009 10:20:13 -0500
Subject: fix edit group prepare, check for admin
---
 actions/editgroup.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/actions/editgroup.php b/actions/editgroup.php
index e0d4c0d03..82b78cc5c 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -72,9 +72,7 @@ class EditgroupAction extends Action
 return false;
 }
- return true;
-
- $nickname_arg = $this->arg('nickname');
+ $nickname_arg = $this->trimmed('nickname');
 $nickname = common_canonical_nickname($nickname_arg);
 // Permanent redirect on non-canonical nickname
@@ -97,6 +95,13 @@ class EditgroupAction extends Action
 return false;
 }
+ $cur = common_current_user();
+
+ if (!$cur->isAdmin($group)) {
+ $this->clientError(_('You must be an admin to edit the group'), 403);
+ return false;
+ }
+
 return true;
 }
-- cgit v1.2.3-54-g00ecf
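Review bot: The new admin check in the second hunk calls `$cur->isAdmin($group)` without confirming that `common_current_user()` returned a user, so if it can return an empty value for an unauthenticated request the call fails with a fatal error instead of a clean denial. Any logged-in guard would sit earlier in the function, outside both hunks, so this cannot be confirmed from here. Making the authorization check fail closed on its own costs one condition: `if (empty($cur) || !$cur->isAdmin($group)) {`. Since the stray early `return true;` removed in the first hunk skipped every later check in this function, a regression test asserting that a non-admin request gets the 403 would keep that from recurring.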