From 62f2a0babf3816f651bfbfbd5449b202965eefba Mon Sep 17 00:00:00 2001
From: drigato
Date: Wed, 21 Jan 2015 11:31:28 -0500
Subject: [PATCH 1/3] CC-5981: Admin users can't delete webstreams created by other users
---
 airtime_mvc/application/models/Webstream.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/airtime_mvc/application/models/Webstream.php b/airtime_mvc/application/models/Webstream.php
index a7e7d82b1..007e78938 100644
--- a/airtime_mvc/application/models/Webstream.php
+++ b/airtime_mvc/application/models/Webstream.php
@@ -88,11 +88,19 @@ class Application_Model_Webstream implements Application_Model_LibraryEditable
 public static function deleteStreams($p_ids, $p_userId)
 {
- $leftOver = self::streamsNotOwnedByUser($p_ids, $p_userId);
- if (count($leftOver) == 0) {
- CcWebstreamQuery::create()->findPKs($p_ids)->delete();
+ $userInfo = Zend_Auth::getInstance()->getStorage()->read();
+ $user = new Application_Model_User($userInfo->id);
+ $isAdminOrPM = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
+
+ if (!$isAdminOrPM) {
+ $leftOver = self::streamsNotOwnedByUser($p_ids, $p_userId);
+ if (count($leftOver) == 0) {
+ CcWebstreamQuery::create()->findPKs($p_ids)->delete();
+ } else {
+ throw new WebstreamNoPermissionException;
+ }
 } else {
- throw new WebstreamNoPermissionException;
+ CcWebstreamQuery::create()->findPKs($p_ids)->delete();
 }
 }
From 39445c945f18719f83cfb43a1ff6ef53d5c3ba3f Mon Sep 17 00:00:00 2001
From: Albert Santoni
Date: Wed, 21 Jan 2015 12:14:44 -0500
Subject: [PATCH 2/3] Added upgrade.py helper script (for development only)
---
 utils/upgrade.py | 54 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100755 utils/upgrade.py
diff --git a/utils/upgrade.py b/utils/upgrade.py
new file mode 100755
index 000000000..d77ab86dc
--- /dev/null
+++ b/utils/upgrade.py
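Review bot: In `deleteStreams` (Webstream.php hunk), the new role check uses the session identity (`$userInfo->id` from `Zend_Auth`) while the ownership check in the non-admin branch still uses the caller-supplied `$p_userId`, so the two authorization decisions can apply to different users if a caller ever passes an id other than the logged-in one. The result of `read()` is also dereferenced without a guard; if the auth storage is empty (callers are not visible here), `$userInfo->id` fails before any `WebstreamNoPermissionException` is raised. Consider using one identity for both checks and rejecting early, e.g. `if (empty($userInfo) || $userInfo->id != $p_userId) { throw new WebstreamNoPermissionException; }`, provided no caller legitimately passes another user's id. A docblock stating that admins and program managers bypass the ownership check would help, and the two identical `CcWebstreamQuery::create()->findPKs($p_ids)->delete();` calls could collapse into one after a single guard.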
@@ -0,0 +1,54 @@
+#!/usr/bin/python
+
+import ConfigParser
+import argparse
+import requests
+from urlparse import urlparse
+import sys
+
+CONFIG_PATH='/etc/airtime/airtime.conf'
+GENERAL_CONFIG_SECTION = "general"
+
+def read_config_file(config_path):
+ """Parse the application's config file located at config_path."""
+ config = ConfigParser.SafeConfigParser()
+ try:
+ config.readfp(open(config_path))
+ except IOError as e:
+ print "Failed to open config file at " + config_path + ": " + e.strerror
+ exit(-1)
+ except Exception:
+ print e.strerror
+ exit(-1)
+
+ return config
+
+if __name__ == '__main__':
+ config = read_config_file(CONFIG_PATH)
+ api_key = config.get(GENERAL_CONFIG_SECTION, 'api_key')
+ base_url = config.get(GENERAL_CONFIG_SECTION, 'base_url')
+ base_dir = config.get(GENERAL_CONFIG_SECTION, 'base_dir')
+ action = "upgrade"
+ airtime_url = ""
+
+ parser = argparse.ArgumentParser()
+ parser.add_argument('--downgrade', help='Downgrade the station', action="store_true")
+ parser.add_argument('station_url', help='station URL', nargs='?', default='')
+ args = parser.parse_args()
+
+ if args.downgrade:
+ action = "downgrade"
+
+ if airtime_url == "":
+ airtime_url = "http://%s%s" % (base_url, base_dir)
+
+ # Add http:// if you were lazy and didn't pass a scheme to this script
+ url = urlparse(airtime_url)
+ if not url.scheme:
+ airtime_url = "http://%s" % airtime_url
+
+ print "Requesting %s..." % action
+ r = requests.get("%s/%s" % (airtime_url, action), auth=(api_key, ''))
+ print r.text
+ r.raise_for_status()
+
From 6492128ce9761e1e9562f3f83a4fc72088dde36d Mon Sep 17 00:00:00 2001
From: Duncan Sommerville
Date: Wed, 21 Jan 2015 15:15:22 -0500
Subject: [PATCH 3/3] Hide Now Playing toolbar for Guest users
---
 airtime_mvc/public/js/airtime/showbuilder/builder.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
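Review bot: The station API key is sent as HTTP Basic credentials over plain `http://` in the final `requests.get(..., auth=(api_key, ''))` call, because both the config-derived URL and the scheme fallback hard-code `http://`, so the key is readable by anyone on the network path. Consider defaulting to `https://`, or at least warning when the resolved scheme is not https, and passing a `timeout=` so an unresponsive station cannot hang the script. Separately, `station_url` is parsed but never read: `airtime_url` is always `""` when it is tested, so something like `airtime_url = args.station_url` appears to be missing after `parse_args()`. In `read_config_file`, the `except Exception:` branch prints `e.strerror` without binding `e`, which would raise NameError rather than report the failure; `except Exception as e:` with `print str(e)` avoids that.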
diff --git a/airtime_mvc/public/js/airtime/showbuilder/builder.js b/airtime_mvc/public/js/airtime/showbuilder/builder.js
index 4f03e6dfa..139660dd7 100644
--- a/airtime_mvc/public/js/airtime/showbuilder/builder.js
+++ b/airtime_mvc/public/js/airtime/showbuilder/builder.js
@@ -1059,7 +1059,10 @@ var AIRTIME = (function(AIRTIME){
 "");
 }
- $toolbar.append($menu);
+ if (localStorage.getItem('user-type') != 'G') {
+ $toolbar.append($menu);
+ }
+
 $menu = undefined;
 $('#timeline-sa').click(function(){mod.selectAll();});
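Review bot: The guest check around `$toolbar.append($menu)` reads `localStorage.getItem('user-type')`, a value the browser user can edit, so it only hides the menu and is not an access control; the endpoints behind the toolbar actions still need to reject guests server-side, which is not visible in this hunk. I would add a comment saying so, e.g. `// UI-only: localStorage is user-editable; the server must still refuse guest edits`, and use strict comparison, `!== 'G'`. A missing key returns `null`, which passes the check and shows the toolbar, so the default is fail-open if `user-type` was never stored. The enclosing function starts and ends outside the hunk.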