lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Oine external user login quick fix.

Browse Source
This commit is contained in:
lainwir3d 2021-09-06 12:07:48 +04:00
parent 08ef503548
commit 0fa10c2de7
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/user/class/api_users.class.php
View File

@ -151,7 +151,8 @@ class Users extends DolibarrApi
*/
public function get($id, $includepermissions = 0)
{
if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) {
if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin) &&
!(!empty(DolibarrApiAccess::$user->rights->user->self->creer) && (DolibarrApiAccess::$user->id == $id))) {
throw new RestException(401, 'Not allowed');
}
@ -172,6 +173,7 @@ class Users extends DolibarrApi
$this->useraccount->getRights();
}
$this->useraccount->societe_id = $this->useraccount->socid;
return $this->_cleanObjectDatas($this->useraccount);
}
@ -256,7 +258,7 @@ class Users extends DolibarrApi
*/
public function getInfo($includepermissions = 0)
{
if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) {
if(empty(DolibarrApiAccess::$user->rights->user->self->creer) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) {
throw new RestException(401, 'Not allowed');
}
@ -283,6 +285,8 @@ class Users extends DolibarrApi
$this->useraccount->user_group_list = $this->_cleanUserGroupListDatas($userGroupList);
$this->useraccount->societe_id = $this->useraccount->socid;
//var_dump($this->useraccount); die();
return $this->_cleanObjectDatas($this->useraccount);
}