mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-03 04:29:28 +01:00
fix/allow searching, reading and updating own account for account-selection preference "none" or "groupmembers"
This commit is contained in:
parent
c8fefbf573
commit
143bfce59b
@ -1247,12 +1247,12 @@ class Contacts extends Contacts\Storage
|
|||||||
}
|
}
|
||||||
$owner = $contact['owner'];
|
$owner = $contact['owner'];
|
||||||
|
|
||||||
// allow the user to edit his own account
|
// allow the user to read and edit his own account
|
||||||
if (!$owner && $needed == Acl::EDIT && $contact['account_id'] == $user && $this->own_account_acl)
|
if (!$owner && in_array($needed, [Acl::READ, Acl::EDIT]) && $contact['account_id'] == $user && $this->own_account_acl)
|
||||||
{
|
{
|
||||||
$access = true;
|
$access = true;
|
||||||
}
|
}
|
||||||
// dont allow to delete own account (as admin handels it too)
|
// don't allow to delete own account (as admin handles it too)
|
||||||
elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user))
|
elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user))
|
||||||
{
|
{
|
||||||
$access = false;
|
$access = false;
|
||||||
|
@ -521,12 +521,13 @@ class Sql extends Api\Storage
|
|||||||
// add filter for read ACL in sql, if user is NOT the owner of the addressbook
|
// add filter for read ACL in sql, if user is NOT the owner of the addressbook
|
||||||
if (isset($this->grants) && !$ignore_acl)
|
if (isset($this->grants) && !$ignore_acl)
|
||||||
{
|
{
|
||||||
// add read ACL for groupmembers (they have no
|
// add read ACL for account_selection "none" or "groupmembers", they have no grant for accounts
|
||||||
if ($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' &&
|
if (in_array($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'], ['none', 'groupmembers']) &&
|
||||||
(!isset($filter['owner']) || in_array('0',(array)$filter['owner'])))
|
(!isset($filter['owner']) || in_array('0',(array)$filter['owner'])))
|
||||||
{
|
{
|
||||||
$groupmembers = array();
|
$groupmembers = array($GLOBALS['egw_info']['user']['account_id']);
|
||||||
foreach($GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $group_id)
|
foreach($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] === 'none' ? [] :
|
||||||
|
$GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $group_id)
|
||||||
{
|
{
|
||||||
if (($members = $GLOBALS['egw']->accounts->members($group_id,true)))
|
if (($members = $GLOBALS['egw']->accounts->members($group_id,true)))
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user