mirror of
https://github.com/silverstripe/silverstripe-reports
synced 2024-10-22 11:05:53 +02:00
BUGFIX Don't suggest members in SecurityAdmin->autocomplete() that the current user doesn't have rights to edit (fixes #5651)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@110858 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
c134b8e020
commit
51fee3fe45
@ -283,7 +283,9 @@ class SecurityAdmin extends LeftAndMain implements PermissionProvider {
|
|||||||
if($matches) {
|
if($matches) {
|
||||||
$result .= "<ul>";
|
$result .= "<ul>";
|
||||||
foreach($matches as $match) {
|
foreach($matches as $match) {
|
||||||
if(!$match->canView()) continue;
|
// If the current user doesnt have permissions on the target user,
|
||||||
|
// he's not allowed to add it to a group either: Don't include it in the suggestions.
|
||||||
|
if(!$match->canView() || !$match->canEdit()) continue;
|
||||||
|
|
||||||
$data = $match->FirstName;
|
$data = $match->FirstName;
|
||||||
$data .= ",$match->Surname";
|
$data .= ",$match->Surname";
|
||||||
|
Loading…
Reference in New Issue
Block a user