From ab3f28f4c868b787ad605d65dea7d6e1d08dcb52 Mon Sep 17 00:00:00 2001 From: Michael Date: Mon, 12 Mar 2018 04:50:07 +0000 Subject: [PATCH] Fix: We have to be able to remove delegations as well --- mod/delegate.php | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/mod/delegate.php b/mod/delegate.php index eeadb8fee..510fc0ec8 100644 --- a/mod/delegate.php +++ b/mod/delegate.php @@ -31,16 +31,18 @@ function delegate_post(App $a) $parent_uid = defaults($_POST, 'parent_user', 0); $parent_password = defaults($_POST, 'parent_password', ''); - $user = dba::selectFirst('user', ['nickname'], ['uid' => $parent_uid]); - if (!DBM::is_result($user)) { - notice(L10n::t('Parent user not found.') . EOL); - return; - } + if ($parent_uid != 0) { + $user = dba::selectFirst('user', ['nickname'], ['uid' => $parent_uid]); + if (!DBM::is_result($user)) { + notice(L10n::t('Parent user not found.') . EOL); + return; + } - $success = User::authenticate($user['nickname'], trim($parent_password)); - if (!$success) { - notice(L10n::t('Permission denied.') . EOL); - return; + $success = User::authenticate($user['nickname'], trim($parent_password)); + if (!$success) { + notice(L10n::t('Permission denied.') . EOL); + return; + } } dba::update('user', ['parent-uid' => $parent_uid], ['uid' => local_user()]);