Security function add_group_member() doesn't work as expected when called by internal BeBot process.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
BeBot |
Fix Released
|
Undecided
|
Temar |
Bug Description
Line 700 of Security.php, function add_group_member.
Default value for $caller is "Internal Process". The function has a check to see if the access level of $caller is greater than the access level of the group being modified.
if ($this -> get_access_
{
return $return;
}
As this check does not provide an exception for Internal Process, and call to this function by an internal BeBot process will fail. Discovered this wile creating a module that would automatically populate a security group based on other criteria in the database.
summary: |
- Security function add_group_member() + Security function add_group_member() doesn't work as expected when + called by internal BeBot process. |
Changed in bebot: | |
assignee: | nobody → Temar (chris-smith96) |
status: | New → Fix Committed |
Changed in bebot: | |
status: | Fix Committed → Fix Released |