fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/PMCORE-2683 (pull request #7710)

Browse Source 
PMCORE-2683

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
This commit is contained in:
Andrea Adamczyk
2021-01-07 16:39:59 +00:00
committed by Julio Cesar Laura Avendaño
parent c42c510298 78d521af07
commit 86ca7b96ea
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
workflow/engine/methods/cases/cases_ShowDocument.php
View File

@@ -1,4 +1,5 @@
<?php
/**
* cases_ShowDocument.php
*
@@ -50,7 +51,7 @@ if (!empty($_SESSION['GUEST_USER']) && $_SESSION['GUEST_USER'] === RBAC::GUEST_U
}
$access = $RBAC->userCanAccess('PM_FOLDERS_ALL') != 1 && defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0;
if ($access && $isGuestUser === false) {
if (!$oAppDocument->canDownloadInput($_SESSION['USER_LOGGED'], $_GET['a'], $docVersion)) {
if (isset($_SESSION['USER_LOGGED']) && !$oAppDocument->canDownloadInput($_SESSION['USER_LOGGED'], $_GET['a'], $docVersion)) {
G::header('Location: /errors/error403.php?url=' . urlencode($_SERVER['REQUEST_URI']));
die();
}
@@ -131,4 +132,4 @@ if (!$sw_file_exists) {
G::streamFile($realPath, $bDownload, $nameFile); //download
}
}
}
}