Merge pull request #497 from fermionic/permission-denied-to-allowed-contact
allow contact if in allowed group, even if not in non-empty allowed contacts
This commit is contained in:
commit
d93e34b2ae
|
@ -214,7 +214,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
|
|||
$gs .= '|<' . intval($g) . '>';
|
||||
}
|
||||
|
||||
$sql = sprintf(
|
||||
/*$sql = sprintf(
|
||||
" AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
|
||||
AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
|
||||
AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
|
||||
|
@ -224,6 +224,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
|
|||
intval($remote_user),
|
||||
dbesc($gs),
|
||||
dbesc($gs)
|
||||
);*/
|
||||
$sql = sprintf(
|
||||
" AND ( NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s')
|
||||
AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
|
||||
)
|
||||
",
|
||||
intval($remote_user),
|
||||
dbesc($gs),
|
||||
intval($remote_user),
|
||||
dbesc($gs)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue