From 9697f788bba11d1d943b74caabcd3be43e0511e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come@opensides.be>
Date: Wed, 6 Jul 2016 05:11:12 +0200
Subject: [PATCH] Fixes #4970 Removed templates on which the user have no
 rights from template list

---
 include/class_objects.inc | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/include/class_objects.inc b/include/class_objects.inc
index f73b179d7..a01114b53 100644
--- a/include/class_objects.inc
+++ b/include/class_objects.inc
@@ -229,9 +229,9 @@ class objects
 
   /* !\brief  This method returns a list of all available templates for the given type
    */
-  static function getTemplates($type)
+  static function getTemplates($type, $requiredPermissions = 'r')
   {
-    global $config;
+    global $config, $ui;
 
     $infos = self::infos($type);
 
@@ -244,7 +244,13 @@ class objects
       $ldap->search('(objectClass=fdTemplate)', array('cn'));
       if ($ldap->count() != 0) {
         while ($attrs = $ldap->fetch()) {
-          $templates[$ldap->getDN()] = $attrs['cn'][0]." - ".LDAP::fix($key);
+          $dn = $ldap->getDN();
+          if ($requiredPermissions != '') {
+            if (!preg_match('/'.$requiredPermissions.'/', $ui->get_permissions($dn, $infos['aclCategory'].'/'.'template'))) {
+              continue;
+            }
+          }
+          $templates[$dn] = $attrs['cn'][0]." - ".LDAP::fix($key);
         }
       }
     }
-- 
GitLab