summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEvan Prodromou <evan@controlyourself.ca>2009-01-21 10:20:13 -0500
committerEvan Prodromou <evan@controlyourself.ca>2009-01-21 10:20:13 -0500
commitdcf973ab46f8e56ffbcf2b8112d9290b71c3c0d5 (patch)
treeafea6d2cb0c1b73228fd17102f5ebc59cc845c3c
parent57a9e33b3ca034e4c52ab2e858103d792f9fd5af (diff)
fix edit group prepare, check for admin
-rw-r--r--actions/editgroup.php11
1 files changed, 8 insertions, 3 deletions
diff --git a/actions/editgroup.php b/actions/editgroup.php
index e0d4c0d03..82b78cc5c 100644
--- a/actions/editgroup.php
+++ b/actions/editgroup.php
@@ -72,9 +72,7 @@ class EditgroupAction extends Action
return false;
}
- return true;
-
- $nickname_arg = $this->arg('nickname');
+ $nickname_arg = $this->trimmed('nickname');
$nickname = common_canonical_nickname($nickname_arg);
// Permanent redirect on non-canonical nickname
@@ -97,6 +95,13 @@ class EditgroupAction extends Action
return false;
}
+ $cur = common_current_user();
+
+ if (!$cur->isAdmin($group)) {
+ $this->clientError(_('You must be an admin to edit the group'), 403);
+ return false;
+ }
+
return true;
}