Copy handler_get_rigths from module core to module admin. Fix calls to

[platal.git] / classes / xnetsession.php

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index a1a6cf8..6f44dbd 100644 (file)
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -92,24 +92,20 @@ class XnetSession extends XorgSession
 
     protected function startSessionAs($user, $level)
     {
-        global $globals;
-
         if ($level == -1) {
             S::set('auth', AUTH_MDP);
         }
-        $res  = XDB::query('SELECT  u.user_id AS uid, prenom, nom, perms, promo, password, FIND_IN_SET(\'femme\', u.flags) AS femme,
-                                    a.alias AS forlife, a2.alias AS bestalias, q.core_mail_fmt AS mail_fmt, q.core_rss_hash
+        $res  = XDB::query("SELECT  u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
+                                    q.core_mail_fmt AS mail_fmt, q.core_rss_hash
                               FROM  auth_user_md5   AS u
                         INNER JOIN  auth_user_quick AS q  USING(user_id)
-                        INNER JOIN  aliases         AS a  ON (u.user_id = a.id AND a.type = \'a_vie\')
-                        INNER JOIN  aliases         AS a2 ON (u.user_id = a2.id AND FIND_IN_SET(\'bestalias\', a2.flags))
-                             WHERE  u.user_id = {?} AND u.perms IN(\'admin\', \'user\')
-                             LIMIT  1', $user);
+                             WHERE  u.user_id = {?} AND u.perms IN('admin', 'user')
+                             LIMIT  1", $user);
         $sess = $res->fetchOneAssoc();
         $perms = $sess['perms'];
         unset($sess['perms']);
         $_SESSION = array_merge($_SESSION, $sess);
-        $this->makePerms($perms);
+        S::set('perms', User::makePerms($perms));
         S::kill('challenge');
         S::kill('loginX');
         S::kill('may_update');
@@ -126,23 +122,23 @@ class XnetSession extends XorgSession
 
     public function doSelfSuid()
     {
-        if (!$this->startSUID(S::i('uid'))) {
+        $user =& S::user();
+        if (!$this->startSUID($user)) {
             return false;
         }
-        $this->makePerms('user');
+        S::set('perms', User::makePerms('user'));
         return true;
     }
 
     public function stopSUID()
     {
-        $suid = S::v('suid');
+        $perms = S::suid('perms');
         if (!parent::stopSUID()) {
             return false;
         }
-        S::kill('suid');
         S::kill('may_update');
         S::kill('is_member');
-        S::set('perms', $suid['perms']);
+        S::set('perms', $perms);
         return true;
     }
 }
@@ -166,7 +162,7 @@ function may_update($force = false, $lose = false)
         return false;
     } elseif ($lose) {
         $may_update[$asso_id] = false;
-    } elseif (S::has_perms() || (S::has('suid') && $force)) {
+    } elseif (S::admin() || (S::suid() && $force)) {
         $may_update[$asso_id] = true;
     } elseif (!isset($may_update[$asso_id]) || $force) {
         $res = XDB::query("SELECT  perms
@@ -198,7 +194,7 @@ function is_member($force = false, $lose = false)
         return false;
     } elseif ($lose) {
         $is_member[$asso_id] = false;
-    } elseif (S::has('suid') && $force) {
+    } elseif (S::suid() && $force) {
         $is_member[$asso_id] = true;
     } elseif (!isset($is_member[$asso_id]) || $force) {
         $res = XDB::query("SELECT  COUNT(*)