From 54a5fb5a2b7d45f394a44037601413aba0d1cf57 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Sat, 28 May 2022 17:19:37 -0600
Subject: [PATCH] Access Controls protect new users from hurting themselves.

---
 app/access_controls/access_control_edit.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/app/access_controls/access_control_edit.php b/app/access_controls/access_control_edit.php
index e8a1dd3dbe..e99b4f0008 100644
--- a/app/access_controls/access_control_edit.php
+++ b/app/access_controls/access_control_edit.php
@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2018 - 2020
+	Portions created by the Initial Developer are Copyright (C) 2018 - 2022
 	the Initial Developer. All Rights Reserved.
 */
 
@@ -145,6 +145,11 @@
 				$access_control_uuid = uuid();
 			}
 
+		//protect users by forcing default to deny
+			if ($access_control_name == 'providers' || $access_control_name == 'domains') {
+				$access_control_default = 'deny';
+			}
+
 		//prepare the array
 			$array['access_controls'][0]['access_control_uuid'] = $access_control_uuid;
 			$array['access_controls'][0]['access_control_name'] = $access_control_name;