From 8b4b1d24e616c03bccdb2293cb0018f4798deab9 Mon Sep 17 00:00:00 2001
From: Damien <damien.burel@maarch.org>
Date: Wed, 5 Jun 2019 10:27:50 +0200
Subject: [PATCH] FEAT #10741 TIME 0:10 Set action control if substituted

---
 src/app/document/controllers/DocumentController.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/app/document/controllers/DocumentController.php b/src/app/document/controllers/DocumentController.php
index d214d9d9c7..ccb6814216 100755
--- a/src/app/document/controllers/DocumentController.php
+++ b/src/app/document/controllers/DocumentController.php
@@ -348,6 +348,11 @@ class DocumentController
             return $response->withStatus(403)->withJson(['errors' => 'Document out of perimeter']);
         }
 
+        $currentUser = UserModel::getById(['id' => $GLOBALS['id'], 'select' => ['substitute']]);
+        if (!empty($currentUser['substitute'])) {
+            return $response->withStatus(403)->withJson(['errors' => 'User can not make action with substituted account']);
+        }
+
         if (empty(DocumentController::ACTIONS[$args['actionId']])) {
             return $response->withStatus(400)->withJson(['errors' => 'Action does not exist']);
         }
-- 
GitLab