extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-22 07:53:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check record-level permissions

Browse Source
This commit is contained in:
nathangray 2018-05-31 10:16:29 -06:00
parent 3d45c7193b
commit a5f5930064
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
api/src/Contacts.php
View File

@ -1204,13 +1204,16 @@ class Contacts extends Contacts\Storage
{ {
$access = !!array_intersect($memberships,$GLOBALS['egw']->accounts->memberships($contact['account_id'],true)); $access = !!array_intersect($memberships,$GLOBALS['egw']->accounts->memberships($contact['account_id'],true));
} }
else if ($contact['id'] && $GLOBALS['egw']->acl->check('A'.$contact['id'], $needed, 'addressbook'))
{
$access = true;
}
else else
{ {
$access = ($grants[$owner] & $needed) && $access = ($grants[$owner] & $needed) &&
(!$contact['private'] || ($grants[$owner] & Acl::PRIVAT) || in_array($owner,$memberships)); (!$contact['private'] || ($grants[$owner] & Acl::PRIVAT) || in_array($owner,$memberships));
} }
//error_log(__METHOD__."($needed,$contact[id],$deny_account_delete,$user) returning ".array2string($access)); //error_log(__METHOD__."($needed,$contact[id],$deny_account_delete,$user) returning ".array2string($access));
return true;
return $access; return $access;
} }