liquid_feedback_frontend
view app/main/delegation/_action/update.lua @ 9:0ee1e0c42d4c
Version beta5
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
Minor security fix: Added missing security filter for admin section. Reading of member listing including login names was possible for all users. Write access has not been possible though.
Changing of name and login is possible while a history of these changes is written and accessible by all users.
Statistics shown in area list
Trimming of user input also converts multiple whitespaces to single space character.
| author | bsw |
|---|---|
| date | Mon Jan 04 12:00:00 2010 +0100 (2010-01-04) |
| parents | afd9f769c7ae |
| children | 02aacb3dffe0 |
line source
1 local truster_id = app.session.member.id
3 local trustee_id = param.get("trustee_id", atom.integer)
5 local area_id = param.get("area_id", atom.integer)
7 local issue_id = param.get("issue_id", atom.integer)
9 if issue_id then
10 area_id = nil
11 end
13 local delegation = Delegation:by_pk(truster_id, area_id, issue_id)
15 if param.get("delete") or trustee_id == -1 then
17 if delegation then
19 delegation:destroy()
21 if issue_id then
22 slot.put_into("notice", _"Your delegation for this issue has been deleted.")
23 elseif area_id then
24 slot.put_into("notice", _"Your delegation for this area has been deleted.")
25 else
26 slot.put_into("notice", _"Your global delegation has been deleted.")
27 end
29 end
31 else
33 if not delegation then
34 delegation = Delegation:new()
35 delegation.truster_id = truster_id
36 delegation.area_id = area_id
37 delegation.issue_id = issue_id
38 if issue_id then
39 delegation.scope = "issue"
40 elseif area_id then
41 delegation.scope = "area"
42 else
43 delegation.scope = "global"
44 end
45 end
47 delegation.trustee_id = trustee_id
49 delegation:save()
51 if issue_id then
52 slot.put_into("notice", _"Your delegation for this issue has been updated.")
53 elseif area_id then
54 slot.put_into("notice", _"Your delegation for this area has been updated.")
55 else
56 slot.put_into("notice", _"Your global delegation has been updated.")
57 end
59 end