Romain Quetiez 9e702899f2 Fixed a security hole: any user was allowed to edit users and profiles, and therefore could give himself admin rights - now, only admins are allowed to do that ...

Also added a debugging capability: user rights shown for any object class, on demand in URP_Users::DisplayBareRelations()

SVN:trunk[178]

2009-09-17 15:50:28 +00:00

8.5 KiB

Raw Blame History

View Raw