nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-02-20 09:56:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Bug fix for api_key

Browse Source 
If someone without the api_key permissions modified a user, it would wipe out the api_key value.
This commit is contained in:
konradSC
2021-01-07 08:43:58 -05:00
committed by GitHub
parent 623ce81875
commit 8767a28f69
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
core/users/user_edit.php
View File

@@ -135,7 +135,9 @@
}
$group_uuid_name = $_POST["group_uuid_name"];
$user_enabled = $_POST["user_enabled"];
$api_key = $_POST["api_key"];
if (permission_exists('api_key')) {
$api_key = $_POST["api_key"];
}
if (permission_exists('message_key')) {
$message_key = $_POST["message_key"];
}
@@ -498,7 +500,9 @@
$array['users'][$x]['user_email'] = $user_email;
$array['users'][$x]['user_status'] = $user_status;
if (permission_exists('user_add') || permission_exists('user_edit')) {
$array['users'][$x]['api_key'] = ($api_key != '') ? $api_key : null;
if (permission_exists('api_key')) {
$array['users'][$x]['api_key'] = ($api_key != '') ? $api_key : null;
}
$array['users'][$x]['user_enabled'] = $user_enabled;
if (permission_exists('contact_add')) {
$array['users'][$x]['contact_uuid'] = ($contact_uuid != '') ? $contact_uuid : null;