Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

FIX CWE-269 - huntr - Can download files of an agenda event

Browse Source
This commit is contained in:
Laurent Destailleur
2021-05-24 20:04:23 +02:00
parent d4310f49c4
commit 31af74f852
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
htdocs/core/lib/files.lib.php
View File

@@ -2447,6 +2447,16 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
// Wrapping for events // Wrapping for events
if ($fuser->rights->agenda->myactions->{$read}) { if ($fuser->rights->agenda->myactions->{$read}) {
$accessallowed = 1; $accessallowed = 1;
// If we known $id of project, call checkUserAccessToObject to check permission on the given agenda event on properties and assigned users
if ($refname && !preg_match('/^specimen/i', $original_file)) {
include_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
$tmpobject = new ActionComm($db);
$tmpobject->fetch((int) $refname);
$accessallowed = checkUserAccessToObject($user, array('agenda'), $tmpobject->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id', '');
if ($user->socid && $tmpobject->socid) {
$accessallowed = checkUserAccessToObject($user, array('societe'), $tmpobject->socid);
}
}
} }
$original_file = $conf->agenda->dir_output.'/'.$original_file; $original_file = $conf->agenda->dir_output.'/'.$original_file;
} elseif ($modulepart == 'category' && !empty($conf->categorie->multidir_output[$entity])) { } elseif ($modulepart == 'category' && !empty($conf->categorie->multidir_output[$entity])) {