extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-07 16:44:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

deny sharing owner rights (chmod, chgrp, set eACL) and disable eACL tab

Browse Source
This commit is contained in:
Ralf Becker 2017-11-06 14:52:12 +01:00
parent c9b3f4ae28
commit 0d99d129dc
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/src/Vfs.php
View File

@ -1383,7 +1383,9 @@ class Vfs
$vfs = new Vfs\StreamWrapper();
$stat = $vfs->url_stat($path,0);
}
return $stat['uid'] == self::$user || // user is the owner
return $stat['uid'] == self::$user && // (current) user is the owner
// in sharing current user != self::$user and should NOT have owner rights
$GLOBALS['egw_info']['user']['account_id'] == self::$user ||
self::$is_root || // class runs with root rights
!$stat['uid'] && $stat['gid'] && self::$is_admin; // group directory and user is an eGW admin
}

3
filemanager/inc/class.filemanager_ui.inc.php
View File

@ -1321,7 +1321,8 @@ class filemanager_ui
5 => lang('Display of content'),
0 => lang('No access'),
);
if(($content['eacl'] = Vfs::get_eacl($content['path'])) !== false) // backend supports eacl
if(($content['eacl'] = Vfs::get_eacl($content['path'])) !== false && // backend supports eacl
$GLOBALS['egw_info']['user']['account_id'] == Vfs::$user) // leave eACL tab disabled for sharing
{
unset($readonlys['tabs']['filemanager.file.eacl']); // --> switch the tab on again
foreach($content['eacl'] as &$eacl)