From bbf61c39502ec7d9a086779ae99b29b5c4762824 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Fri, 18 Feb 2022 14:08:14 -0700
Subject: [PATCH] Use contact permissions for the fax contacts if value is
 true.

---
 app/fax/fax_send.php | 44 +++++++++++++++++++++++---------------------
 1 file changed, 23 insertions(+), 21 deletions(-)

diff --git a/app/fax/fax_send.php b/app/fax/fax_send.php
index 873dec34ab..c81befa57f 100644
--- a/app/fax/fax_send.php
+++ b/app/fax/fax_send.php
@@ -943,28 +943,30 @@ if (!$included) {
 		$sql .= "and cp.phone_type_fax = 1 ";
 		$sql .= "and cp.phone_number is not null ";
 		$sql .= "and cp.phone_number <> '' ";
-		if (is_array($user_group_uuids) && @sizeof($user_group_uuids) != 0) {
-			//only show contacts assigned to current user's group(s) and those not assigned to any group
-			$sql .= "and (";
-			$sql .= "	c.contact_uuid in ( ";
-			$sql .= "		select contact_uuid from v_contact_groups ";
-			$sql .= "		where (";
-			foreach ($user_group_uuids as $index => $user_group_uuid) {
-				$sql .= $or;
-				$sql .= "		group_uuid = :group_uuid_".$index." ";
-				$parameters['group_uuid_'.$index] = $user_group_uuid;
-				$or = " or ";
+		if ($_SESSION['contact']['permissions']['boolean'] == "true") {
+			if (is_array($user_group_uuids) && @sizeof($user_group_uuids) != 0) {
+				//only show contacts assigned to current user's group(s) and those not assigned to any group
+				$sql .= "and (";
+				$sql .= "	c.contact_uuid in ( ";
+				$sql .= "		select contact_uuid from v_contact_groups ";
+				$sql .= "		where (";
+				foreach ($user_group_uuids as $index => $user_group_uuid) {
+					$sql .= $or;
+					$sql .= "		group_uuid = :group_uuid_".$index." ";
+					$parameters['group_uuid_'.$index] = $user_group_uuid;
+					$or = " or ";
+				}
+				unset($user_group_uuids, $index, $user_group_uuid, $or);
+				$sql .= "		) ";
+				$sql .= "		and domain_uuid = :domain_uuid ";
+				$sql .= "	) ";
+				$sql .= "	or ";
+				$sql .= "	c.contact_uuid not in ( ";
+				$sql .= "		select contact_uuid from v_contact_groups ";
+				$sql .= "		where domain_uuid = :domain_uuid ";
+				$sql .= "	) ";
+				$sql .= ") ";
 			}
-			unset($user_group_uuids, $index, $user_group_uuid, $or);
-			$sql .= "		) ";
-			$sql .= "		and domain_uuid = :domain_uuid ";
-			$sql .= "	) ";
-			$sql .= "	or ";
-			$sql .= "	c.contact_uuid not in ( ";
-			$sql .= "		select contact_uuid from v_contact_groups ";
-			$sql .= "		where domain_uuid = :domain_uuid ";
-			$sql .= "	) ";
-			$sql .= ") ";
 		}
 		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
 		$database = new database;