extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-02-16 18:31:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix for not working as intended deny access on group feature

Browse Source
This commit is contained in:
Klaus Leithoff 2015-11-17 12:14:23 +00:00
parent e5ee34c006
commit dafbe6f9b5
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
mail/inc/class.mail_hooks.inc.php
View File

@ -716,8 +716,12 @@ class mail_hooks
//error_log(__METHOD__.__LINE__.' '.$feature.':'.array2string($config['deny_'.$feature])); //error_log(__METHOD__.__LINE__.' '.$feature.':'.array2string($config['deny_'.$feature]));
if (!empty($config['deny_'.$feature])) if (!empty($config['deny_'.$feature]))
{ {
$denied_groups = explode(',', $config['deny_'.$feature]); //error_log(__METHOD__.__LINE__.' feature:'.$feature.':'.array2string($config['deny_'.$feature]));
return array_intersect($denied_groups, $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true)); $denied_groups = (is_array($config['deny_'.$feature])?$config['deny_'.$feature]:explode(',', $config['deny_'.$feature]));
//error_log(__METHOD__.__LINE__.array2string($GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true)));
//error_log(__METHOD__.__LINE__.array2string(array_intersect($denied_groups, $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true))));
// since access asks positively, the stored deny_$feature must return false if we find the denied group in the users membership-list
return (array_intersect($denied_groups, $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true))?false:true);
} }
return true; return true;
} }