bn8/ldapsaisie
1
0
Fork 0
mirror of https://gitlab.easter-eggs.com/ee/ldapsaisie.git synced 2024-11-22 18:09:06 +01:00
Code Issues Projects Releases Wiki Activity

LSsession::checkAccess(): fix checking read right

Browse source
This commit is contained in:
Benjamin Renard 2021-02-02 19:05:09 +01:00
parent cb0106fda9
commit 2544687b27
1 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/includes/class/class.LSsession.php
View file

@ -2213,10 +2213,7 @@ class LSsession {
self :: log_trace("canAccess($LSobject,$dn,$right,$attr): right detected = '$r'"); self :: log_trace("canAccess($LSobject,$dn,$right,$attr): right detected = '$r'");
if (($right=='r')||($right=='w')) { if (($right=='r')||($right=='w')) {
if ($r==$right) { return self :: checkRight($right, $r);
return true;
}
return;
} }
else { else {
if ( ($r=='r') || ($r=='w') ) { if ( ($r=='r') || ($r=='w') ) {
@ -2232,7 +2229,7 @@ class LSsession {
if (($right=='r')||($right=='w')) { if (($right=='r')||($right=='w')) {
foreach($whoami as $who) { foreach($whoami as $who) {
foreach ($attrs_conf as $attr_name => $attr_config) { foreach ($attrs_conf as $attr_name => $attr_config) {
if (isset($attr_config['rights'][$who]) && $attr_config['rights'][$who]==$right) { if (isset($attr_config['rights'][$who]) && self :: checkRight($right, $attr_config['rights'][$who])) {
return true; return true;
} }
} }
@ -2251,6 +2248,20 @@ class LSsession {
return; return;
} }
/**
* Check a requested right against maximum right of a user
* @param string $requested The requested right
* @param string $authorized The authorized maximum right
* @return boolean
*/
public function checkRight($requested, $authorized) {
if ($requested == $authorized)
return true;
if ($requested == 'r' && $authorized == 'w')
return true;
return false;
}
/** /**
* Retourne le droit de l'utilisateur à editer à un objet * Retourne le droit de l'utilisateur à editer à un objet
* *