From 206d0b94f4010e8a5cbce74c5afbae46adf03d74 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 9 Jan 2020 13:22:29 +0100
Subject: [permissionmanager] Make default roles "builtin" i.e. not modifiable

---
 .../inc/getpermissiondata.inc.php                  | 23 ++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

(limited to 'modules-available/permissionmanager/inc')

diff --git a/modules-available/permissionmanager/inc/getpermissiondata.inc.php b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
index 660c94ae..4dfb09ec 100644
--- a/modules-available/permissionmanager/inc/getpermissiondata.inc.php
+++ b/modules-available/permissionmanager/inc/getpermissiondata.inc.php
@@ -84,7 +84,7 @@ class GetPermissionData
 		if (!empty($joins)) {
 			$joins .= ' GROUP BY r.roleid';
 		}
-		return Database::queryAll("SELECT r.roleid, r.rolename, r.roledescription $cols FROM role r
+		return Database::queryAll("SELECT r.roleid, r.rolename, r.builtin, r.roledescription $cols FROM role r
 			$joins
 			ORDER BY rolename ASC");
 	}
@@ -93,20 +93,21 @@ class GetPermissionData
 	 * Get permissions and locations for a given role.
 	 *
 	 * @param string $roleid id of the role
-	 * @return array array containing an array of permissions and an array of locations
+	 * @return array|false array containing an array of permissions and an array of locations, false if not found
 	 */
 	public static function getRoleData($roleid)
 	{
-		$query = "SELECT roleid, rolename, roledescription FROM role WHERE roleid = :roleid";
-		$data = Database::queryFirst($query, array("roleid" => $roleid));
-		$query = "SELECT roleid, locationid FROM role_x_location WHERE roleid = :roleid";
-		$res = Database::simpleQuery($query, array("roleid" => $roleid));
+		$data = self::getRole($roleid);
+		$res = Database::simpleQuery("SELECT roleid, locationid FROM role_x_location WHERE roleid = :roleid",
+			array("roleid" => $roleid));
+		if ($res === false)
+			return false;
 		$data["locations"] = array();
 		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 			$data["locations"][] = $row['locationid'];
 		}
-		$query = "SELECT roleid, permissionid FROM role_x_permission WHERE roleid = :roleid";
-		$res = Database::simpleQuery($query, array("roleid" => $roleid));
+		$res = Database::simpleQuery("SELECT roleid, permissionid FROM role_x_permission WHERE roleid = :roleid",
+			array("roleid" => $roleid));
 		$data["permissions"] = array();
 		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
 			$data["permissions"][] = $row['permissionid'];
@@ -114,4 +115,10 @@ class GetPermissionData
 		return $data;
 	}
 
+	public static function getRole($roleId)
+	{
+		return Database::queryFirst("SELECT roleid, rolename, builtin, roledescription FROM role
+				WHERE roleid = :roleid", ['roleid' => $roleId]);
+	}
+
 }
\ No newline at end of file
-- 
cgit v1.2.3-55-g7522