tonyair/silverstripe-cms
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-cms synced 2024-06-26 14:39:27 +02:00
Code Issues Projects Releases Wiki Activity

BUGFIX Don't suggest members in SecurityAdmin->autocomplete() that the current user doesn't have rights to edit (fixes #5651)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@110858 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-09-16 05:21:42 +00:00 committed by Sam Minnee
parent c134b8e020
commit 51fee3fe45
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
code/SecurityAdmin.php
View File

@ -283,7 +283,9 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
if($matches) {
$result .= "<ul>";
foreach($matches as $match) {
if(!$match->canView()) continue;
// If the current user doesnt have permissions on the target user,
// he's not allowed to add it to a group either: Don't include it in the suggestions.
if(!$match->canView() || !$match->canEdit()) continue;
$data = $match->FirstName;
$data .= ",$match->Surname";