Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-07 10:08:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix permission on delete token

Browse Source
This commit is contained in:
Laurent Destailleur
2024-08-31 19:26:46 +02:00
parent 827c3daa03
commit 815352e8f9
9 changed files with 20 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/core/modules/oauth/github_oauthcallback.php
View File

@@ -107,7 +107,8 @@ if (!getDolGlobalString($keyforparamsecret)) {
* Actions
*/
if ($action == 'delete') {
if ($action == 'delete' && (!empty($user->admin) || $user->id == GETPOSTINT('userid'))) {
$storage->userid = GETPOSTINT('userid');
$storage->clearToken('GitHub');
setEventMessages($langs->trans('TokenDeleted'), null, 'mesgs');