extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2025-06-30 22:51:01 +02:00
Code Issues Packages Projects Releases Wiki Activity

Take contact shares into account for push ACL checks

Browse Source
This commit is contained in:
nathangray
2021-02-24 14:28:17 -07:00
parent 1f41bba904
commit 158e65fc90
5 changed files with 59 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
api/js/jsapi/egw_app.ts
View File

@ -329,14 +329,25 @@ export abstract class EgwApp
{
let grants = egw.grants(this.appname);
// No grants known
if(!grants) return true;
// check user has a grant from owner or something
for(let i = 0; i < grant_fields.length; i++)
{
if(grants && typeof grants[pushData.acl[grant_fields[i]]] !== 'undefined')
let grant_field = pushData.acl[grant_fields[i]];
if(["number","string"].indexOf(typeof grant_field) >=0 && grants[grant_field] !== 'undefined')
{
// ACL access
return true;
}
else if(!Object.keys(grants).filter(function(grant_account) {
return grant_field.indexOf(grant_account) >= 0 ||
grant_field.indexOf(parseInt(grant_account)).length
}))
{
return false;
}
}
return false;
}