fix/allow searching, reading and updating own account for account-selection preference "none" or "groupmembers"

This commit is contained in:
ralf 2024-03-30 09:10:06 +02:00
parent c8fefbf573
commit 143bfce59b
2 changed files with 8 additions and 7 deletions

View File

@ -1247,12 +1247,12 @@ class Contacts extends Contacts\Storage
}
$owner = $contact['owner'];
// allow the user to edit his own account
if (!$owner && $needed == Acl::EDIT && $contact['account_id'] == $user && $this->own_account_acl)
// allow the user to read and edit his own account
if (!$owner && in_array($needed, [Acl::READ, Acl::EDIT]) && $contact['account_id'] == $user && $this->own_account_acl)
{
$access = true;
}
// dont allow to delete own account (as admin handels it too)
// don't allow to delete own account (as admin handles it too)
elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user))
{
$access = false;

View File

@ -521,12 +521,13 @@ class Sql extends Api\Storage
// add filter for read ACL in sql, if user is NOT the owner of the addressbook
if (isset($this->grants) && !$ignore_acl)
{
// add read ACL for groupmembers (they have no
if ($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' &&
// add read ACL for account_selection "none" or "groupmembers", they have no grant for accounts
if (in_array($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'], ['none', 'groupmembers']) &&
(!isset($filter['owner']) || in_array('0',(array)$filter['owner'])))
{
$groupmembers = array();
foreach($GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $group_id)
$groupmembers = array($GLOBALS['egw_info']['user']['account_id']);
foreach($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] === 'none' ? [] :
$GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $group_id)
{
if (($members = $GLOBALS['egw']->accounts->members($group_id,true)))
{