It allows non-logged user to access public pages of applications restricted to a group Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
This commit is contained in:
Julien Veyssier
parent
0cfdf4748f
commit
7da0812186
1 changed files with 2 additions and 1 deletions
|
|
@ -195,8 +195,9 @@ class SecurityMiddleware extends Middleware {
|
|||
* Checks if app is enabled (also includes a check whether user is allowed to access the resource)
|
||||
* The getAppPath() check is here since components such as settings also use the AppFramework and
|
||||
* therefore won't pass this check.
|
||||
* If page is public, app does not need to be enabled for current user/visitor
|
||||
*/
|
||||
if(\OC_App::getAppPath($this->appName) !== false && !$this->appManager->isEnabledForUser($this->appName)) {
|
||||
if(\OC_App::getAppPath($this->appName) !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) {
|
||||
throw new AppNotEnabledException();
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue