From bdc1e8a02cb1cf18e41f4a8421f056c97932b7f3 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Rapha=C3=ABl=20Barrois?= <raphael.barrois@polytechnique.org>
Date: Sun, 28 Sep 2014 02:06:17 +0200
Subject: [PATCH] Remove 'user' perm from X.net accounts.

The 'user' perm describes internal users; it shouldn't be provided to group members.
This should restore proper ACLs on 'X-only' features provided through X.net (e.g comletter).
---
 classes/xnetsession.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index f03a838..c1c284b 100644
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -116,7 +116,7 @@ class XnetSession extends XorgSession
         S::set('is_admin', $user->is_admin);
 
         // Add the 'user' perms to the user.
-        $this->makePerms($user->perms . ',' . PERMS_USER, $user->is_admin);
+        $this->makePerms($user->perms, $user->is_admin);
         S::kill('challenge');
         S::kill('loginX');
         S::kill('may_update');
@@ -137,7 +137,7 @@ class XnetSession extends XorgSession
         if (!$this->startSUID($user)) {
             return false;
         }
-        S::set('perms', User::makePerms(PERMS_USER . ",groups"));
+        S::set('perms', User::makePerms("groups"));
         return true;
     }
 
-- 
2.1.4