From 023e2a6ab01224cb8fb8430bad62fc57e03dc53e Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag
Date: Sun, 11 Apr 2010 13:39:24 +0000
Subject: [PATCH] adding a variable 'subadmin_restriction' who determine how the account list may be accessed by admin account who are not uid=2000
---
 bureau/admin/adm_doedit.php | 5 ++++-
 bureau/admin/adm_edit.php | 4 +++-
 bureau/admin/adm_list.php | 23 ++++++++++-------------
 bureau/admin/adm_login.php | 4 +++-
 bureau/class/m_admin.php | 3 ++-
 5 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/bureau/admin/adm_doedit.php b/bureau/admin/adm_doedit.php
index cd1bbe07..c6f9a4e0 100644
--- a/bureau/admin/adm_doedit.php
+++ b/bureau/admin/adm_doedit.php
@@ -35,7 +35,10 @@ if (!$admin->enabled) {
 __("This page is restricted to authorized staff");
 exit();
 }
-if (!$admin->checkcreator($uid)) {
+
+$subadmin=variable_get("subadmin_restriction");
+
+if ($subadmin==0 && !$admin->checkcreator($uid)) {
 __("This page is restricted to authorized staff");
 exit();
 }
diff --git a/bureau/admin/adm_edit.php b/bureau/admin/adm_edit.php
index 9471444a..a82a1c64 100644
--- a/bureau/admin/adm_edit.php
+++ b/bureau/admin/adm_edit.php
@@ -42,7 +42,9 @@ $fields = array (
 );
 getFields($fields);
-if (!$admin->checkcreator($uid)) {
+$subadmin=variable_get("subadmin_restriction");
+
+if ($subadmin==0 && !$admin->checkcreator($uid)) {
 __("This page is restricted to authorized staff");
 exit();
 }
diff --git a/bureau/admin/adm_list.php b/bureau/admin/adm_list.php
index 9d0cab33..b69f880c 100644
--- a/bureau/admin/adm_list.php
+++ b/bureau/admin/adm_list.php
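Review bot: In bureau/admin/adm_doedit.php the new condition `$subadmin==0 && !$admin->checkcreator($uid)` skips the ownership check entirely once `subadmin_restriction` is non-zero, and the same pattern is repeated in adm_edit.php and in adm_login.php (there on `$id`). The commit message describes the variable as governing access to the account list, but these three pages edit an account and log in as one, so any enabled admin could then modify or impersonate accounts it did not create, presumably including uid 2000 unless code outside these hunks prevents it. I would keep a floor that does not depend on the variable, e.g. `if ($uid==2000 && $cuid!=2000) { __("This page is restricted to authorized staff"); exit(); }` (assuming `$cuid` is available on these pages as it is in adm_list.php). A comment above `variable_get("subadmin_restriction")` should state the accepted values and that an unset value must mean restricted.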
@@ -40,17 +40,20 @@ if (!$admin->enabled) {
 $fields = array (
 "show" => array ("request", "string", ""),
- "creator_id" => array("request", "integer", 2000),
+ "creator" => array("request", "integer", 0),
 );
 getFields($fields);
-if ($show && $cuid != 2000)
+$subadmin=variable_get("subadmin_restriction");
+
+if ($subadmin==0 && $show && $cuid != 2000)
 {
 __("This page is restricted to authorized staff");
 exit();
 }
-$r=$admin->get_list($show == 'all' ? 1 : 0, $creator_id);
+
+$r=$admin->get_list($show == 'all' ? 1 : 0, $creator);
 ?>
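Review bot: In bureau/admin/adm_list.php the guard `if ($subadmin==0 && $show && $cuid != 2000)` only fires when `show` is set, so in restricted mode a request carrying `creator` alone still reaches `get_list()`. Together with the m_admin.php hunk in this commit, which drops `$mem->user['uid']==2000` from the `$creator` branch, that appears to let a non-2000 admin list the accounts of any reseller while `subadmin_restriction` is 0. Extending the guard closes the gap: `if ($subadmin==0 && ($show || $creator) && $cuid != 2000)`.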

@@ -64,12 +67,12 @@ $r=$admin->get_list($show == 'all' ? 1 : 0, $creator_id);   ' . _('List all the accounts') . ''; - if ($cuid == 2000) { + if ($subadmin!=0 || $cuid==2000) { $list_creators = $admin->get_creator_list(); $infos_creators = array(); foreach ($list_creators as $key => $val) { - $infos_creators[] = '' . $val['login'] . ''; + $infos_creators[] = '' . $val['login'] . ''; } if (count($infos_creators)) { @@ -117,7 +120,6 @@ while (list($key,$val)=each($r)) ?> checkcreator($val['uid'])) { if ($val["su"]) { ?>   @@ -130,16 +132,11 @@ while (list($key,$val)=each($r)) if (!$val["enabled"]) echo "\""._("Locked"; else { - if($admin->checkcreator($val['uid'])) { ?> "> - + - "; - } - ?> + > ">  diff --git a/bureau/admin/adm_login.php b/bureau/admin/adm_login.php index 077abdd4..b8614ae5 100644 --- a/bureau/admin/adm_login.php +++ b/bureau/admin/adm_login.php @@ -39,7 +39,9 @@ $fields = array ( ); getFields($fields); -if (!$admin->checkcreator($id)) { +$subadmin=variable_get("subadmin_restriction"); + +if ($subadmin==0 && !$admin->checkcreator($id)) { __("This page is restricted to authorized staff"); exit(); } diff --git a/bureau/class/m_admin.php b/bureau/class/m_admin.php index d1ba5717..8bde44e6 100644 --- a/bureau/class/m_admin.php +++ b/bureau/class/m_admin.php @@ -197,7 +197,7 @@ class m_admin { return false; } $db=new DB_System(); - if ($mem->user['uid']==2000 && $creator) { + if ($creator) { // Limit listing to a specific reseller $db->query("SELECT uid FROM membres WHERE creator='".$creator."' ORDER BY login;"); } elseif ($mem->user['uid']==2000 || $all) { @@ -215,6 +215,7 @@ class m_admin { } } + /** * Returns an array with the known information about resellers (uid, login, number of accounts) * Does not include account 2000 in the list.
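Review bot: In bureau/class/m_admin.php `get_list()`, the `if ($creator)` branch now runs for every caller and still builds its query by concatenation, `creator='".$creator."'`. adm_list.php declares `creator` as "integer" through getFields(), which presumably casts it, but the method should not depend on every caller doing so; `$db->query("SELECT uid FROM membres WHERE creator='".intval($creator)."' ORDER BY login;");` keeps the value numeric at the point of use. The branch also no longer consults the caller's uid or `subadmin_restriction`, so the access decision lives only in the calling page, and a short comment above the branch saying so would help the next caller. The body of get_list() starts and ends outside the hunk.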