Fix #3417: setting $g_manage_news_threshold to 'DEVELOPER' can't add …

…new news. M code/html_api.php (print_menu) Use configured thresholds rather than hard-coded access levels for managing news / projects. git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@2271 f5dc347c-c33d-0410-90a0-b07cc1902cb9
mantisbt · Nov 12, 2003 · 955918a · 955918a
1 parent d567488
commit 955918a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/core/html_api.php b/core/html_api.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: html_api.php,v 1.77 2003-08-22 11:48:34 vboctor Exp $
+	# $Id: html_api.php,v 1.78 2003-11-12 20:40:08 vboctor Exp $
 	# --------------------------------------------------------
 
 	###########################################################################
@@ -370,15 +370,15 @@ function print_menu() {
 
 				echo '<a href="proj_doc_page.php">' . lang_get( 'docs_link' ) . '</a> | ';
 
-				if ( access_has_project_level( MANAGER ) ) {
+				if ( access_has_project_level( config_get( 'manage_project_threshold' ) ) ) {
 					if ( access_has_project_level( ADMINISTRATOR ) ) {
 					  $t_link = 'manage_user_page.php';
 					} else {
 					  $t_link = 'manage_proj_page.php';
 					}
 					echo "<a href=\"$t_link\">" . lang_get( 'manage_link' ) . '</a> | ';
 				}
-				if ( access_has_project_level( MANAGER ) ) {
+				if ( access_has_project_level( config_get( 'manage_news_threshold' ) ) ) {
 					# Admin can edit news for All Projects (site-wide)
 					if ( ( ALL_PROJECTS != helper_get_current_project() ) || ( access_has_project_level( ADMINISTRATOR ) ) ) {
 						echo '<a href="news_menu_page.php">' . lang_get( 'edit_news_link' ) . '</a> | ';

diff --git a/doc/ChangeLog b/doc/ChangeLog
@@ -10,6 +10,7 @@ Mantis ChangeLog
  * Fix #3334: Invalid links in bug reminder emails.
  * Fix #3353: History not updated in bug deletion email.
  * Fix #3389: Problems upgrading existing users to administrator.
+ * Fix #3417: Setting $g_manage_news_threshold to 'DEVELOPER' can't add new news.
  * Sec #0000: Various Cross-Site Scripting vulnerabilities fixed (thanks to Paul Richards).
  * Languages: Updated French localisation.