Merge branch 'master' into develop

LimeSurvey · Sep 16, 2021 · 85f548d · 85f548d
2 parents 033db2e + 58bd049
commit 85f548d
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/application/controllers/admin/checkintegrity.php b/application/controllers/admin/checkintegrity.php
@@ -567,13 +567,14 @@ protected function _checkintegrity()
         /* Find is some fix is done */
         $bDirectlyFixed = false;
         $aFullOldSIDs = array();
-        // Delete survey permissions if the user does not exist
+        // Delete survey and global permissions if the user does not exist
         $oCriteria = new CDbCriteria();
         $oCriteria->join = 'LEFT JOIN {{users}} u ON {{permissions}}.uid=u.uid';
-        $oCriteria->condition = '(u.uid IS NULL)';
+        $oCriteria->addCondition('u.uid IS NULL');
+        $oCriteria->addCondition("{{permissions}}.entity <> 'role'");
         if (App()->db->driverName == 'pgsql') {
             $oCriteria->join = 'USING {{users}} u';
-            $oCriteria->condition = '{{permissions}}.uid=u.uid AND (u.uid IS NULL)';
+            $oCriteria->addCondition('{{permissions}}.uid=u.uid');
         }
         if (Permission::model()->deleteAll($oCriteria)) {
             $bDirectlyFixed = true;

diff --git a/application/controllers/admin/surveypermission.php b/application/controllers/admin/surveypermission.php
@@ -127,7 +127,6 @@ public function index($iSurveyID)
                 if (Permission::model()->hasSurveyPermission($iSurveyID, 'surveysecurity', 'delete')) {
                     $deleteUrl = App()->createUrl("admin/surveypermission/sa/delete/surveyid/" . $iSurveyID, array(
                         'action' => 'delsurveysecurity',
-                        'user' => $PermissionRow['users_name'],
                         'uid' => $PermissionRow['uid']
                     ));
                     $deleteConfirmMessage = gT("Are you sure you want to delete this entry?");
@@ -530,7 +529,10 @@ function delete($surveyid)
             if (Permission::model()->hasSurveyPermission($surveyid, 'surveysecurity', 'delete')) {
                 if (isset($postuserid)) {
                     $dbresult = Permission::model()->deleteAll("uid = :uid AND entity_id = :sid AND entity = 'survey'", array(':uid' => $postuserid, ':sid' => $surveyid));
-                    $addsummary .= "<br />" . gT("Username") . ": " . sanitize_xss_string(App()->getRequest()->getParam('user')) . "<br /><br />\n";
+                    $user = User::model()->findByPk($postuserid);
+                    if (!empty($user)) {
+                        $addsummary .= "<br />" . gT("Username") . ": " . sanitize_xss_string($user->users_name) . "<br /><br />\n";
+                    }
                     $addsummary .= "<div class=\"successheader\">" . gT("Success!") . "</div>\n";
                 } else {
                     $addsummary .= "<div class=\"warningheader\">" . gT("Could not delete user. User was not supplied.") . "</div>\n";