From be3e5fbe8dbc4b90f9fad2098326f0304b91ab19 Mon Sep 17 00:00:00 2001 From: nathan Date: Fri, 24 Feb 2023 14:40:51 -0700 Subject: [PATCH] Fix public addressbook categories with were not visible with grant on personal addressbook --- api/src/Categories.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/api/src/Categories.php b/api/src/Categories.php index a688b34e33..39c98ada67 100644 --- a/api/src/Categories.php +++ b/api/src/Categories.php @@ -573,12 +573,13 @@ class Categories } // Check for ACL granted access, the self::GLOBAL_ACCOUNT user must not get access by ACL to keep old behaviour - $acl_grant = $this->account_id != self::GLOBAL_ACCOUNT && ($category['appname'] ?? null) == $this->app_name && $this->app_name != 'addressbook'; + $acl_grant = $this->account_id != self::GLOBAL_ACCOUNT && ($category['appname'] ?? null) == $this->app_name; $owner_grant = false; foreach(!empty($category['owner']) ? explode(',',$category['owner']) : [] as $owner) { $owner_grant = $owner_grant || (is_array($this->grants) && !empty($this->grants[$owner]) && ($this->grants[$owner] & $needed) && - ($category['appname'] !== 'addressbook' && $category['access'] === 'public' || ($this->grants[$owner] & Acl::PRIVAT))); + (($category['appname'] !== 'addressbook' && $category['access'] === 'public' || ($this->grants[$owner] & Acl::PRIVAT)) || + ($category['appname'] == 'addressbook' && $category['access'] === 'public' && ($this->grants[$owner] & $needed)))); } return $acl_grant && $owner_grant; }