From 3631b3e3c91d7f261c49073b11930c1cb53c4739 Mon Sep 17 00:00:00 2001
From: ralf
Date: Sat, 30 Mar 2024 09:10:06 +0200
Subject: [PATCH] fix/allow searching, reading and updating own account for account-selection preference "none" or "groupmembers"
---
 api/src/Contacts.php | 6 +++---
 api/src/Contacts/Sql.php | 9 +++++----
 2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/api/src/Contacts.php b/api/src/Contacts.php
index 7a248086b0..445c6e7767 100755
--- a/api/src/Contacts.php
+++ b/api/src/Contacts.php
@@ -1247,12 +1247,12 @@ class Contacts extends Contacts\Storage
 }
 $owner = $contact['owner'];
- // allow the user to edit his own account
- if (!$owner && $needed == Acl::EDIT && $contact['account_id'] == $user && $this->own_account_acl)
+ // allow the user to read and edit his own account
+ if (!$owner && in_array($needed, [Acl::READ, Acl::EDIT]) && $contact['account_id'] == $user && $this->own_account_acl)
 {
 $access = true;
 }
- // dont allow to delete own account (as admin handels it too)
+ // don't allow to delete own account (as admin handles it too)
 elseif (!$owner && $needed == Acl::DELETE && ($deny_account_delete || $contact['account_id'] == $user))
 {
 $access = false;
diff --git a/api/src/Contacts/Sql.php b/api/src/Contacts/Sql.php
index dbb2a6a8e6..dc33cf8948 100644
--- a/api/src/Contacts/Sql.php
+++ b/api/src/Contacts/Sql.php
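Review bot: The new own-account branch in api/src/Contacts.php decides access with a loose `in_array($needed, [Acl::READ, Acl::EDIT])`, so a `$needed` of another type such as `true` also matches; in an authorization check the strict form `in_array($needed, [Acl::READ, Acl::EDIT], true)` is safer, provided callers always pass the constants themselves (not visible here). The same applies to the `in_array(..., ['none', 'groupmembers'])` test added in api/src/Contacts/Sql.php. Read access is now also tied to `$this->own_account_acl`, which from its name appears to configure own-account editing, so for a user without it this branch grants nothing and the read falls through to the later checks; worth confirming that is intended. The enclosing method starts and ends outside the hunk.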
@@ -521,12 +521,13 @@ class Sql extends Api\Storage
 // add filter for read ACL in sql, if user is NOT the owner of the addressbook
 if (isset($this->grants) && !$ignore_acl)
 {
- // add read ACL for groupmembers (they have no
- if ($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] == 'groupmembers' &&
+ // add read ACL for account_selection "none" or "groupmembers", they have no grant for accounts
+ if (in_array($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'], ['none', 'groupmembers']) &&
 (!isset($filter['owner']) || in_array('0',(array)$filter['owner'])))
 {
- $groupmembers = array();
- foreach($GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $group_id)
+ $groupmembers = array($GLOBALS['egw_info']['user']['account_id']);
+ foreach($GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] === 'none' ? [] :
+ $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'],true) as $group_id)
 {
 if (($members = $GLOBALS['egw']->accounts->members($group_id,true)))
 {
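Review bot: The ternary embedded in the `foreach` header reads the account_selection preference a second time, so the `if` above and the loop test the value in two places and can drift apart in code that builds the read-ACL filter. Reading it once before the `if`, `$account_selection = $GLOBALS['egw_info']['user']['preferences']['common']['account_selection'] ?? null;`, and looping over `$account_selection === 'none' ? [] : $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true)` held in a local would keep both tests on one value and avoid an undefined-key warning when the preference is unset. `$groupmembers` now always starts with the user's own account_id, which a comment such as `// always include own account; with "none" it is the only id` would make explicit. The enclosing block continues past the hunk, so how `$groupmembers` is turned into SQL is not visible here.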