fix Bug 63538
This commit is contained in:
parent
5f135c4ad2
commit
c2e284f110
@ -1081,14 +1081,21 @@ public class UserController : PeopleControllerBase
|
|||||||
}
|
}
|
||||||
|
|
||||||
var viewer = _userManager.GetUsers(_securityContext.CurrentAccount.ID);
|
var viewer = _userManager.GetUsers(_securityContext.CurrentAccount.ID);
|
||||||
|
var viewerIsAdmin = _userManager.IsDocSpaceAdmin(viewer);
|
||||||
|
|
||||||
var user = _userManager.GetUsers(userid);
|
var user = _userManager.GetUsers(userid);
|
||||||
|
|
||||||
if (user == null)
|
if (_userManager.IsSystemUser(user.Id))
|
||||||
{
|
{
|
||||||
throw new Exception(Resource.ErrorUserNotFound);
|
throw new Exception(Resource.ErrorUserNotFound);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (viewer == null || (user.IsOwner(Tenant) && viewer.Id != user.Id))
|
if (!viewerIsAdmin && viewer.Id != user.Id)
|
||||||
|
{
|
||||||
|
throw new Exception(Resource.ErrorAccessDenied);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (user.IsOwner(Tenant) && viewer.Id != user.Id)
|
||||||
{
|
{
|
||||||
throw new Exception(Resource.ErrorAccessDenied);
|
throw new Exception(Resource.ErrorAccessDenied);
|
||||||
}
|
}
|
||||||
@ -1100,7 +1107,7 @@ public class UserController : PeopleControllerBase
|
|||||||
throw new Exception(_customNamingPeople.Substitute<Resource>("ErrorEmailAlreadyExists"));
|
throw new Exception(_customNamingPeople.Substitute<Resource>("ErrorEmailAlreadyExists"));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!_userManager.IsDocSpaceAdmin(viewer))
|
if (!viewerIsAdmin)
|
||||||
{
|
{
|
||||||
_studioNotifyService.SendEmailChangeInstructions(user, email);
|
_studioNotifyService.SendEmailChangeInstructions(user, email);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user