From 3d30ebdba127dbf176d192e54d1398e97efc1fc1 Mon Sep 17 00:00:00 2001
From: Joseph AKEL <joseph.akel@maarch.org>
Date: Tue, 27 Jun 2023 15:12:57 +0200
Subject: [PATCH] FIX #25530 02:45 Fix condition in UserController/getById()
 when usersGroups is empty and in SignatureController/updateSubstituted() when
 checking global id and arg id

---
 src/app/user/controllers/SignatureController.php |  4 ++++
 src/app/user/controllers/UserController.php      | 10 ++++++----
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/app/user/controllers/SignatureController.php b/src/app/user/controllers/SignatureController.php
index 36561906c1..b342b88f41 100755
--- a/src/app/user/controllers/SignatureController.php
+++ b/src/app/user/controllers/SignatureController.php
@@ -223,6 +223,10 @@ class SignatureController
             return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
         }
 
+        if (!UserController::hasRightByUserId(['activeUserId' => $GLOBALS['id'], 'targetUserId' => $args['id']]) && $GLOBALS['id'] !== intval($args['id'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
+        }
+
         $user = UserModel::getById(['select' => [1], 'id' => $args['id']]);
         if (empty($user)) {
             return $response->withStatus(400)->withJson(['errors' => 'User does not exist']);
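Review bot: The new guard evaluates `UserController::hasRightByUserId(...)` before the cheap self-identity comparison, so the (presumably database-backed) privilege lookup runs even when a user is only updating their own substitute; swapping the operands keeps the same result and short-circuits that case: `if ($GLOBALS['id'] !== intval($args['id']) && !UserController::hasRightByUserId(['activeUserId' => $GLOBALS['id'], 'targetUserId' => $args['id']])) {`. The strict `!==` against `intval($args['id'])` is only meaningful if `$args['id']` was validated as an integer earlier in the method; that validation is not visible in this hunk, so please confirm it exists, otherwise a non-numeric id silently becomes `0`. Note also that UserController compares the same pair loosely (`$GLOBALS['id'] != $args['id']`), so the two controllers now disagree on comparison style for the identical check. updateSubstituted's signature and the rest of its body lie outside the hunk.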
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index ae060a9498..e9b83b6b05 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -118,8 +118,10 @@ class UserController
             if ($GLOBALS['id'] != $args['id']) {
                 $groupsIds = array_values(array_intersect($groupsIds, array_column(UserController::getManageableGroups(['userId' => $GLOBALS['id']]), 'id')));
             }
-            $groups = GroupModel::get(['select' => ['label', 'id'], 'where' => ['id in (?)'], 'data' => [$groupsIds]]);
-            $user['groups'] = $groups;
+            if(!empty($groupsIds)){
+                $groups = GroupModel::get(['select' => ['label', 'id'], 'where' => ['id in (?)'], 'data' => [$groupsIds]]);
+                $user['groups'] = $groups;
+            }
         } else {
             $user = UserModel::getById(['select' => ['id', 'firstname', 'lastname', 'email', 'phone', 'substitute'], 'id' => $args['id']]);
         }
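Review bot: With the added `if(!empty($groupsIds))` the `groups` key is no longer set on `$user` at all when the list is empty, so the response shape now depends on whether the user belongs to any manageable group; consumers that read `$user['groups']` get an undefined index instead of an empty list. Assigning unconditionally keeps the fix and the shape stable: `$user['groups'] = empty($groupsIds) ? [] : GroupModel::get(['select' => ['label', 'id'], 'where' => ['id in (?)'], 'data' => [$groupsIds]]);`. If the conditional is kept, the line should at least follow the file's PSR-12 spacing, `if (!empty($groupsIds)) {`. The enclosing getById() starts and ends outside this hunk, so I cannot see whether a default for `groups` is set earlier.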
@@ -224,7 +226,7 @@ class UserController
         if (!Validator::intVal()->notEmpty()->validate($args['id'])) {
             return $response->withStatus(400)->withJson(['errors' => 'Route id is not an integer']);
         }
-        
+
         $connection = ConfigurationModel::getConnection();
         if (($GLOBALS['id'] != $args['id'] || $connection != 'default') && !UserController::hasRightByUserId(['activeUserId' => $GLOBALS['id'], 'targetUserId' => $args['id']])) {
             return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
@@ -255,7 +257,7 @@ class UserController
             'firstname'       => $body['firstname'],
             'lastname'        => $body['lastname'],
             'email'           => $body['email'],
-            'phone'           => $body['phone'] ?? null,  
+            'phone'           => $body['phone'] ?? null,
             'signature_modes' => []
         ];
 
-- 
GitLab