Skip to content
Snippets Groups Projects
Commit 78788fa1 authored by Joseph AKEL's avatar Joseph AKEL Committed by Jean-Laurent DUZANT
Browse files

FIX #25530 02:00 Removing from updateSubstituted the control if user has the... 

FIX #25530 02:00 Removing from updateSubstituted the control if user has the privilege to manage group
parent 3ed5df32
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/app/user/controllers/SignatureController.php
+ 0
4
View file @ 78788fa1
...@@ -223,10 +223,6 @@ class SignatureController ...@@ -223,10 +223,6 @@ class SignatureController
return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']); return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
} }
if (!UserController::hasRightByUserId(['activeUserId' => $GLOBALS['id'], 'targetUserId' => $args['id']]) && $GLOBALS['id'] !== $args['id']) {
return $response->withStatus(403)->withJson(['errors' => 'Privilege forbidden']);
}
$user = UserModel::getById(['select' => [1], 'id' => $args['id']]); $user = UserModel::getById(['select' => [1], 'id' => $args['id']]);
if (empty($user)) { if (empty($user)) {
return $response->withStatus(400)->withJson(['errors' => 'User does not exist']); return $response->withStatus(400)->withJson(['errors' => 'User does not exist']);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment