Merge pull request #6607 from marc1706/ticket/17310

[ticket/17310] Update workflow actions to v4

.github/setup-ldap.sh

@@ -16,4 +16,4 @@ mkdir /var/tmp/slapd
 cp .github/ldap/slapd.conf /var/tmp/slapd/slapd.conf
 slapd -d 256 -d 128 -f /var/tmp/slapd/slapd.conf -h ldap://localhost:3389 &
 sleep 3
-ldapadd -h localhost:3389 -D "cn=admin,dc=example,dc=com" -w adminadmin -f .github/ldap/base.ldif
+ldapadd -H ldap://localhost:3389 -D "cn=admin,dc=example,dc=com" -w adminadmin -f .github/ldap/base.ldif

.github/workflows/tests.yml

@@ -17,7 +17,7 @@ on:
 jobs:
     # Basic checks, e.g. parse errors, commit messages, etc.
     basic-checks:
-        runs-on: ubuntu-20.04
+        runs-on: ubuntu-22.04
         strategy:
             matrix:
                 include:
@@ -29,7 +29,7 @@ jobs:
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v3
+              uses: actions/checkout@v4
               with:
                   fetch-depth: 100
 
@@ -51,7 +51,7 @@ jobs:
                   cd ..
 
             - name: Cache Composer dependencies
-              uses: actions/cache@v3
+              uses: actions/cache@v4
               with:
                   path: ${{ steps.composer-cache.outputs.dir }}
                   key: composer-${{ steps.composer-cache.outputs.version }}-${{ hashFiles('phpBB/composer.lock') }}
@@ -88,7 +88,7 @@ jobs:
 
     # Tests for MySQL and MariaDB
     mysql-tests:
-        runs-on: ubuntu-20.04
+        runs-on: ubuntu-22.04
         strategy:
             matrix:
                 include:
@@ -157,7 +157,7 @@ jobs:
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v3
+              uses: actions/checkout@v4
 
             - id: database-type
               env:
@@ -184,7 +184,7 @@ jobs:
                   cd ..
 
             - name: Cache Composer dependencies
-              uses: actions/cache@v3
+              uses: actions/cache@v4
               with:
                   path: ${{ steps.composer-cache.outputs.dir }}
                   key: composer-${{ steps.composer-cache.outputs.version }}-${{ hashFiles('phpBB/composer.lock') }}
@@ -229,7 +229,7 @@ jobs:
 
     # Tests for PostgreSQL
     postgres-tests:
-        runs-on: ubuntu-20.04
+        runs-on: ubuntu-22.04
         strategy:
             matrix:
                 include:
@@ -292,7 +292,7 @@ jobs:
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v3
+              uses: actions/checkout@v4
 
             - id: database-type
               env:
@@ -319,7 +319,7 @@ jobs:
                   cd ..
 
             - name: Cache Composer dependencies
-              uses: actions/cache@v3
+              uses: actions/cache@v4
               with:
                   path: ${{ steps.composer-cache.outputs.dir }}
                   key: composer-${{ steps.composer-cache.outputs.version }}-${{ hashFiles('phpBB/composer.lock') }}
@@ -347,7 +347,7 @@ jobs:
 
     # Other database types, namely sqlite3 and mssql
     other-tests:
-        runs-on: ubuntu-20.04
+        runs-on: ubuntu-22.04
         strategy:
             matrix:
                 include:
@@ -390,7 +390,7 @@ jobs:
 
         steps:
             - name: Checkout repository
-              uses: actions/checkout@v3
+              uses: actions/checkout@v4
 
             - id: database-type
               env:
@@ -422,7 +422,7 @@ jobs:
                   cd ..
 
             - name: Cache Composer dependencies
-              uses: actions/cache@v3
+              uses: actions/cache@v4
               with:
                   path: ${{ steps.composer-cache.outputs.dir }}
                   key: composer-${{ steps.composer-cache.outputs.version }}-${{ hashFiles('phpBB/composer.lock') }}
@@ -493,7 +493,7 @@ jobs:
                   git config --system core.autocrlf false
                   git config --system core.eol lf
             - name: Checkout repository
-              uses: actions/checkout@v3
+              uses: actions/checkout@v4
 
             - name: Setup PHP
               uses: shivammathur/setup-php@v2
@@ -513,7 +513,7 @@ jobs:
                   cd ..
 
             - name: Cache Composer dependencies
-              uses: actions/cache@v3
+              uses: actions/cache@v4
               with:
                   path: ${{ steps.composer-cache.outputs.dir }}
                   key: composer-${{ steps.composer-cache.outputs.version }}-${{ hashFiles('phpBB/composer.lock') }}

phpBB/includes/acp/auth.php

@@ -95,7 +95,7 @@ class auth_admin extends \phpbb\auth\auth
 			}
 			else
 			{
-				$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
+				$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%') : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
 			}
 		}
 

phpBB/language/en/acp/permissions_phpbb.php

@@ -159,9 +159,9 @@ $lang = array_merge($lang, array(
 	'ACL_M_MERGE'	=> 'Can merge topics',
 
 	'ACL_M_INFO'		=> 'Can view post details',
-	'ACL_M_WARN'		=> 'Can issue warnings<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
+	'ACL_M_WARN'		=> 'Can issue warnings',
-	'ACL_M_PM_REPORT'	=> 'Can close and delete reports of private messages<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
+	'ACL_M_PM_REPORT'	=> 'Can close and delete reports of private messages',
-	'ACL_M_BAN'			=> 'Can manage bans<br /><em>This setting is only assigned globally. It is not forum based.</em>', // This moderator setting is only global (and not local)
+	'ACL_M_BAN'			=> 'Can manage bans',
 ));
 
 // Admin Permissions

phpBB/phpbb/auth/auth.php

@@ -776,6 +776,7 @@ class auth
 
 		$sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? 'group_id = ' . (int) $group_id : $db->sql_in_set('group_id', array_map('intval', $group_id))) : '';
 		$sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : '';
+		$sql_is_local = $forum_id !== false ? 'AND ao.is_local <> 0' : '';
 
 		$sql_opts = '';
 		$hold_ary = $sql_ary = array();
@@ -787,9 +788,10 @@ class auth
 
 		// Grab group settings - non-role specific...
 		$sql_ary[] = 'SELECT a.group_id, a.forum_id, a.auth_setting, a.auth_option_id, ao.auth_option
-			FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . ' ao
+			FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " ao
 			WHERE a.auth_role_id = 0
-				AND a.auth_option_id = ao.auth_option_id ' .
+				AND a.auth_option_id = ao.auth_option_id
+				$sql_is_local " .
 				(($sql_group) ? 'AND a.' . $sql_group : '') . "
 				$sql_forum
 				$sql_opts
@@ -797,9 +799,10 @@ class auth
 
 		// Now grab group settings - role specific...
 		$sql_ary[] = 'SELECT a.group_id, a.forum_id, r.auth_setting, r.auth_option_id, ao.auth_option
-			FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' ao
+			FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . " ao
 			WHERE a.auth_role_id = r.role_id
-				AND r.auth_option_id = ao.auth_option_id ' .
+				$sql_is_local
+				AND r.auth_option_id = ao.auth_option_id " .
 				(($sql_group) ? 'AND a.' . $sql_group : '') . "
 				$sql_forum
 				$sql_opts

tests/functional/acp_permissions_test.php

@@ -124,4 +124,29 @@ class phpbb_functional_acp_permissions_test extends phpbb_functional_test_case
 		$auth->acl($user_data);
 		$this->assertEquals(0, $auth->acl_get($permission));
 	}
+
+	public function test_forum_permissions_misc()
+	{
+		// Open forum moderators permissions page
+		$crawler = self::request('GET', "adm/index.php?i=acp_permissions&icat=16&mode=setting_mod_local&sid=" . $this->sid);
+
+		// Select "Your first forum"
+		$form = $crawler->filter('#select_victim')->form(['forum_id' => [2]]);
+		$crawler = self::submit($form);
+
+		// Select "Global moderators"
+		$form = $crawler->filter('#add_groups')->form(['group_id' => [4]]);
+		$crawler = self::submit($form);
+
+		// Check that global permissions are not displayed
+		$this->add_lang('acp/permissions_phpbb');
+		$page_text = $crawler->text();
+		$this->assertNotContainsLang('ACL_M_BAN', $page_text);
+		$this->assertNotContainsLang('ACL_M_PM_REPORT', $page_text);
+		$this->assertNotContainsLang('ACL_M_WARN', $page_text);
+
+		// Check that other permissions exist
+		$this->assertContainsLang('ACL_M_EDIT', $page_text);
+		$this->assertContainsLang('ACL_M_MOVE', $page_text);
+	}
 }