upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-08 16:26:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

fix(provisioning_api): use isAdmin() in delegated admin edit guard

Browse source 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
This commit is contained in:
Peter R. 2026-04-28 18:12:55 +02:00 committed by Peter Ringelmann
parent 2f927e0d94
commit 48727aa942
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apps/provisioning_api/lib/Controller/UsersController.php
View file

@ -952,7 +952,7 @@ class UsersController extends AUserDataOCSController {
$isSubAdminAccessible = !$isSelf && $subAdminManager->isUserAccessible($currentLoggedInUser, $targetUser);
$canEditOther = $isAdmin
|| ($isDelegatedAdmin && !$this->groupManager->isInGroup($targetUser->getUID(), 'admin'))
|| ($isDelegatedAdmin && !$this->groupManager->isAdmin($targetUser->getUID()))
|| $isSubAdminAccessible;
if (!$isSelf && !$canEditOther) {