"kom-errno.h" must now be included before "manipulate.h".

(do_query_read_texts): Fix error code computations.  (Bug 161 & Bug 703).

src/server/person.c

 /*
- * $Id: person.c,v 0.66 2002/04/12 12:11:03 byers Exp $
+ * $Id: person.c,v 0.67 2002/08/10 18:16:49 ceder Exp $
  * Copyright (C) 1991-1999, 2001  Lysator Academic Computer Association.
  *
  * This file is part of the LysKOM server.
@@ -59,11 +59,11 @@
 #include "com.h"
 #include "async.h"
 #include "connections.h"
+#include "kom-errno.h"
 #include "manipulate.h"
 #include "string-malloc.h"
 #include "debug.h"
 #include "cache.h"
-#include "kom-errno.h"
 #include "server/smalloc.h"
 #include "kom-config.h"
 #include "log.h"
@@ -996,13 +996,10 @@ set_passwd (Pers_no	    person,
 
 /*
  * Ask which texts a person has read in a certain conference.
- * Can be done before login. Will return EMPTY_MEMBERSHIP if VICTIM
+ * Can be done before login. Will return an empty membership if VICTIM
  * has his unread_is_secret-flag set. This can not be distinguished
  * from the case when VICTIM has not read any texts in CONF_NO. This
- * is a feature, not a bug. (FIXME (bug 161): At least I think so. /ceder)
- *
- * FIXME (bug 161): Well, I've changed my mind. This call is full of
- * security holes.   /ceder
+ * is a feature, not a bug.
  *
  * Will fail if VICTIM is not a member of CONF_NO.
  */
@@ -1014,48 +1011,37 @@ do_query_read_texts(Pers_no	  victim,
 {
     Person	* victim_p;
     Membership  * membp;
-    enum access	  victim_acc;
+    enum memb_visibility vis;
 
     CHK_CONNECTION(FAILURE);
     GET_P_STAT( victim_p, victim, FAILURE);
 
-    victim_acc = access_perm(victim, active_connection, unlimited);
-    if ( victim_acc <= none )
+    if (!(access_perm(victim, active_connection, read_protected)
+	  >= read_protected))
     {
         err_stat = victim;
 	kom_errno = KOM_UNDEF_PERS;
 	return FAILURE;
     }
 
-    if (access_perm(conf_no, active_connection, read_protected) <= none)
-    {
-        err_stat = conf_no;
-	kom_errno = KOM_UNDEF_CONF;
-	return FAILURE;
-    }
-    
     membp = locate_membership (conf_no, victim_p);
-
     if (membp == NULL)
     {
-        err_stat = conf_no;
-	kom_errno = KOM_NOT_MEMBER;
+	set_conf_errno(active_connection, conf_no, KOM_NOT_MEMBER);
 	return FAILURE;
     }
 
-    if (membp->type.secret &&
-        !is_supervisor(victim, ACTPERS, ACT_P) &&
-        !ENA(admin, 4))         /* OK -- Guarded */
+    vis = membership_visible(active_connection, victim, conf_no, membp->type,
+			     FALSE, FALSE);
+    if (vis == mv_none)
     {
-        err_stat = conf_no;
-        kom_errno = KOM_NOT_MEMBER;
+	set_conf_errno(active_connection, conf_no, KOM_NOT_MEMBER);
         return FAILURE;
     }
 
     *result = *membp;
 
-    if ( victim_p->flags.unread_is_secret &&
-         victim_acc != unlimited)
+    if (vis == mv_censor_unread)
     {
 	result->last_time_read = NO_TIME;
 	result->last_text_read = 0;