provide auto admin registration as before, but allow the current admin to create other admins

2012-10-04 23:05:45 -07:00
parent 4302134fdd
commit 7bee460df2
9 changed files with 46 additions and 15 deletions
--- a/include/account.php
+++ b/include/account.php
@@ -77,6 +77,15 @@ function check_account_invite($invite_code) {

 }

+function check_account_admin($arr) {
+	if(is_site_admin())
+		return true;
+	$admin_mail = trim(get_config('system','admin_email'));
+	if(strlen($admin_email) && $admin_email === trim($arr['email']))
+		return true;
+	return false;
+}
+

 function create_account($arr) {

@@ -90,6 +99,7 @@ function create_account($arr) {
 	$password2   = ((x($arr,'password2'))     ? trim($arr['password2'])            : '');
 	$parent      = ((x($arr,'parent'))        ? intval($arr['parent'])             : 0 );
 	$flags       = ((x($arr,'account_flags')) ? intval($arr['account_flags'])      : ACCOUNT_OK);
+	$roles       = ((x($arr,'account_roles')) ? intval($arr['account_roles'])      : 0 );

 	$default_service_class = get_config('system','default_service_class');
 	if($default_service_class === false)
@@ -100,6 +110,13 @@ function create_account($arr) {
 		return $result;
 	}

+	if($roles & ACCOUNT_ROLE_ADMIN) {
+		$admin_result = check_account_admin($arr);
+		if(! $admin_result) {
+			$roles = 0;
+		}
+	}
+
 	$invite_result = check_account_invite($invite_code);
 	if($invite_result['error']) {
 		$result['message'] = $invite_result['message'];
@@ -134,7 +151,7 @@ function create_account($arr) {
 		dbesc(get_best_language()),
 		dbesc(datetime_convert()),
 		dbesc($flags),
-		dbesc(0),
+		dbesc($roles),
 		dbesc($expires),
 		dbesc($default_service_class)

--- a/include/security.php
+++ b/include/security.php
@@ -10,9 +10,9 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 //	logger('authenticate_success: ' . print_r($_SESSION,true));

 	if(x($user_record,'account_id')) {
-		logger('authenticate_success: Red-style');
+//		logger('authenticate_success: Red-style');
 		$a->account = $user_record;
-		$_SESSION['account_id'] = $a->account['account_id'];
+		$_SESSION['account_id'] = $user_record['account_id'];
 		$_SESSION['authenticated'] = 1;
 		
 		if($login_initial) {