projects / platal.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: d284f75)
Remove 'user' perm from X.net accounts.
authorRaphaël Barrois <raphael.barrois@polytechnique.org>
Sun, 28 Sep 2014 00:06:17 +0000 (02:06 +0200)
committerNicolas Iooss <nicolas.iooss_git@polytechnique.org>
Sun, 16 Nov 2014 14:13:04 +0000 (15:13 +0100)
The 'user' perm describes internal users; it shouldn't be provided to group members.
This should restore proper ACLs on 'X-only' features provided through X.net (e.g comletter).

classes/xnetsession.php patch | blob | blame | history

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index f03a838..c1c284b 100644 (file)
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -116,7 +116,7 @@ class XnetSession extends XorgSession
         S::set('is_admin', $user->is_admin);
 
         // Add the 'user' perms to the user.
-        $this->makePerms($user->perms . ',' . PERMS_USER, $user->is_admin);
+        $this->makePerms($user->perms, $user->is_admin);
         S::kill('challenge');
         S::kill('loginX');
         S::kill('may_update');
@@ -137,7 +137,7 @@ class XnetSession extends XorgSession
         if (!$this->startSUID($user)) {
             return false;
         }
-        S::set('perms', User::makePerms(PERMS_USER . ",groups"));
+        S::set('perms', User::makePerms("groups"));
         return true;
     }
 
plat/al