Verified Commit ac090ea0 authored by Côme Chilliet's avatar Côme Chilliet
Browse files

🚑 fix(webservice) Fix ACL check in search to take base into account

This fixes corner cases where self ACLs allows a search to happen.

issue #6036
parent f447ebc7
...@@ -220,7 +220,7 @@ class fdRPCService ...@@ -220,7 +220,7 @@ class fdRPCService
protected function _ls ($type, $attrs = NULL, $ou = NULL, $filter = '', $scope = 'subtree', $templateSearch = FALSE) protected function _ls ($type, $attrs = NULL, $ou = NULL, $filter = '', $scope = 'subtree', $templateSearch = FALSE)
{ {
global $config, $ui; global $config, $ui;
$this->checkAccess($type); $this->checkAccess($type, NULL, $ou);
if (!in_array($scope, ['base','one','subtree'])) { if (!in_array($scope, ['base','one','subtree'])) {
throw new WebServiceError(sprintf('Invalid scope "%s"', $scope)); throw new WebServiceError(sprintf('Invalid scope "%s"', $scope));
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment