mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-26 16:48:49 +01:00
fix admin was not able to see devices and logs of an other user, if he opened that users preferences via admin context-menu
This commit is contained in:
parent
65a26d707a
commit
bd5fc3ed11
@ -107,10 +107,11 @@ class Hooks
|
||||
$logs = array();
|
||||
if (file_exists($log_dir=$GLOBALS['egw_info']['server']['files_dir'].'/groupdav') && ($files = scandir($log_dir)))
|
||||
{
|
||||
$account_lid_len = strlen($GLOBALS['egw_info']['user']['account_lid']);
|
||||
$account_lid = Api\Accounts::id2name($hook_data['account_id']);
|
||||
$account_lid_len = strlen($account_lid);
|
||||
foreach($files as $log)
|
||||
{
|
||||
if (substr($log,0,$account_lid_len+1) == $GLOBALS['egw_info']['user']['account_lid'].'-' &&
|
||||
if (substr($log,0,$account_lid_len+1) == $account_lid.'-' &&
|
||||
substr($log,-4) == '.log')
|
||||
{
|
||||
$logs['groupdav/'.$log] = Api\DateTime::to(filemtime($log_dir.'/'.$log)).': '.
|
||||
@ -153,7 +154,9 @@ class Hooks
|
||||
public static function log()
|
||||
{
|
||||
$filename = $_GET['filename'];
|
||||
if (!preg_match('|^groupdav/'.preg_quote($GLOBALS['egw_info']['user']['account_lid'],'|').'-[^/]+\.log$|',$filename))
|
||||
$matches = null;
|
||||
if (!preg_match('|^groupdav/'.($GLOBALS['egw_info']['user']['apps']['admin'] ? '[^-]+' :
|
||||
preg_quote($GLOBALS['egw_info']['user']['account_lid'], '|')).'-(.*)\.log$|', $filename, $matches))
|
||||
{
|
||||
throw new Api\Exception\WrongParameter("Access denied to file '$filename'!");
|
||||
}
|
||||
@ -161,8 +164,7 @@ class Hooks
|
||||
body { background-color: #e0e0e0; overflow: hidden; }
|
||||
pre.tail { background-color: white; padding-left: 5px; margin-left: 5px; }
|
||||
';
|
||||
$header = str_replace('!','/',substr($filename,10+strlen($GLOBALS['egw_info']['user']['account_lid']),-4));
|
||||
$tail = new Api\Json\Tail($filename);
|
||||
$GLOBALS['egw']->framework->render($tail->show($header),false,false);
|
||||
$GLOBALS['egw']->framework->render($tail->show(str_replace('!', '/', $matches[1])),false,false);
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user