From b43c8faaf5c6e966b6a97b8e5dbe47a7349c08c6 Mon Sep 17 00:00:00 2001
From: marcelo <marcelo.heredia@colosa.com>
Date: Tue, 30 Apr 2013 11:08:51 -0400
Subject: [PATCH] BUG 11271 "When user has all permission except PM_USER, user
 is directed to login screen" SOLVED

-When creating a new role that has all the permissions except the
PM_USER. User is directed to login screen when he is goes to ADMIN->USER
tab.
-Solved, now the ADMIN->USER tab isnt shown when you create a new role
with all permissions but PM_USER.
---
 workflow/engine/menus/setup.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/workflow/engine/menus/setup.php b/workflow/engine/menus/setup.php
index 22f5a6f89..5e83459f3 100755
--- a/workflow/engine/menus/setup.php
+++ b/workflow/engine/menus/setup.php
@@ -75,7 +75,7 @@ if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') == 1 ) {
 }
 
 //users options
-if ($RBAC->userCanAccess('PM_SETUP') == 1 || $RBAC->userCanAccess('PM_USERS') == 1) {
+if ($RBAC->userCanAccess('PM_USERS') == 1) {
   $G_TMP_MENU->AddIdRawOption('USERS', '../users/users_List', G::LoadTranslation('ID_USERS_LIST'), 'icon-webservices.png', '', 'users');
 
   $G_TMP_MENU->AddIdRawOption('GROUPS', '../groups/groups', G::LoadTranslation('ID_GROUPS'), '', '', 'users');
@@ -83,7 +83,7 @@ if ($RBAC->userCanAccess('PM_SETUP') == 1 || $RBAC->userCanAccess('PM_USERS') ==
   $G_TMP_MENU->AddIdRawOption('ROLES', '../roles/roles_List', G::LoadTranslation('ID_ROLES'), '', '', 'users');
 }
 
-if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') == 1) {
+if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') == 1 && $RBAC->userCanAccess('PM_USERS') == 1) {
   $G_TMP_MENU->AddIdRawOption('AUTHSOURCES', '../authSources/authSources_List', G::LoadTranslation('ID_AUTH_SOURCES'), '', '', 'users');
   $G_TMP_MENU->AddIdRawOption('UX', '../admin/uxList', G::LoadTranslation('ID_USER_EXPERIENCE'), '', '', 'users');
   $G_TMP_MENU->AddIdRawOption('SYSTEM', '../admin/system', G::LoadTranslation('ID_SYSTEM'), '', '', 'settings');