holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ADD ACL doesn't mean add in infolog, so use edit OR add for new entries

Browse Source
This commit is contained in:
Nathan Gray 2011-12-07 15:28:32 +00:00
parent ada529a9d5
commit 7f48378cff
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
infolog/inc/class.infolog_bo.inc.php
View File

@ -828,15 +828,13 @@ class infolog_bo
if (isset($this->group_owners[$values['info_type']]))
{
$values['info_owner'] = $this->group_owners[$values['info_type']];
if ($values['info_id'] && !($this->grants[$this->group_owners[$values['info_type']]] & EGW_ACL_EDIT))
if (!($this->grants[$this->group_owners[$values['info_type']]] & EGW_ACL_EDIT))
{
if (!$this->check_access($values['info_id'],EGW_ACL_EDIT)) return false; // no edit rights from the group-owner and no implicit rights (delegated and sufficient rights)
}
else if (!$values['info_id'] && !($this->grants[$this->group_owners[$values['info_type']]] & EGW_ACL_ADD))
if (!$this->check_access($values['info_id'],EGW_ACL_EDIT) ||
!$values['info_id'] && !$this->check_access($values,EGW_ACL_ADD)
)
{
if (!$this->check_access($values,EGW_ACL_ADD))
{
return false;
return false; // no edit rights from the group-owner and no implicit rights (delegated and sufficient rights)
}
}
}