From 6c03cc537c5794a131278583f83477bbd15e0e3e Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sun, 22 Jul 2018 02:43:02 -0400
Subject: Fix bug in agent 'has permission' functions

The check that this commit adds to each of these functions enables users
with all permissions on themselves.
---
 app/class/agent.class.php | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'app/class/agent.class.php')

diff --git a/app/class/agent.class.php b/app/class/agent.class.php
index b4e6702..4af13d5 100644
--- a/app/class/agent.class.php
+++ b/app/class/agent.class.php
@@ -122,6 +122,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -156,6 +159,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -187,6 +193,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -218,6 +227,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -246,6 +258,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -280,6 +295,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -314,6 +332,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -345,6 +366,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
@@ -376,6 +400,9 @@ abstract class agent extends obj
         if ($this->admin)
             return true;
 
+        if ($this->guid == $obj->guid)
+            return true;
+
         if ($this->isOwnerOf($obj))
             return true;
 
-- 
cgit v1.2.3