Permission check consistency updates (#7686)

* More permission check fixes * Update call_block_edit.php * Update call_forward.php * Update call_forward_edit.php * Update call_forward.php * Update dialplans.php * Update fax_edit.php * Update phrase_edit.php * Update sip_profile_copy.php * Update system.php * Update xml_cdr.php * Update contact_attachment_edit.php * Update contact_auth.php * Update contact_relations_view.php * Update contact_timer_inc.php * Update contact_timer.php * Update contacts_vcard.php * Update permissions_default.php * Update menu_item_list.php * Update user_edit.php
2026-01-02 14:04:39 -07:00
parent 24c1c00a4c
commit 0efc4befe4
20 changed files with 46 additions and 52 deletions
@@ -26,7 +26,7 @@
 	require_once "resources/check_auth.php";

 //check permissions
-	if (!permission_exists('bridge_add') && !permission_exists('bridge_edit')) {
+	if (!(permission_exists('bridge_add') || permission_exists('bridge_edit'))) {
 		echo "access denied";
 		exit;
 	}
@@ -32,7 +32,7 @@
 	require_once "resources/check_auth.php";

 //check permissions
-	if (!permission_exists('call_block_edit') && !permission_exists('call_block_add')) {
+	if (!(permission_exists('call_block_edit') || permission_exists('call_block_add'))) {
 		echo "access denied";
 		exit;
 	}
@@ -18,7 +18,7 @@

 	  The Initial Developer of the Original Code is
 	  Mark J Crane <markjcrane@fusionpbx.com>
-	  Portions created by the Initial Developer are Copyright (C) 2008-2024
+	  Portions created by the Initial Developer are Copyright (C) 2008-2025
 	  the Initial Developer. All Rights Reserved.

 	  Contributor(s):
@@ -34,7 +34,7 @@
 	require_once "resources/paging.php";

 //check permissions
-	if (!(permission_exists('follow_me') || !permission_exists('call_forward') || permission_exists('do_not_disturb'))) {
+	if (!(permission_exists('follow_me') || permission_exists('call_forward') || permission_exists('do_not_disturb'))) {
 		echo "access denied";
 		exit;
 	}
@@ -17,7 +17,7 @@

 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2024
+	Portions created by the Initial Developer are Copyright (C) 2008-2025
 	the Initial Developer. All Rights Reserved.

 	Contributor(s):
@@ -30,7 +30,7 @@
 	require_once "resources/check_auth.php";

 //check permissions
-	if (!(permission_exists('follow_me') || !permission_exists('call_forward') || permission_exists('do_not_disturb'))) {
+	if (!(permission_exists('follow_me') || permission_exists('call_forward') || permission_exists('do_not_disturb'))) {
 		echo "access denied";
 		exit;
 	}
@@ -5,7 +5,7 @@
 	require_once "resources/check_auth.php";

 //check permissions
-	if (!(permission_exists('follow_me') || !permission_exists('call_forward') || permission_exists('do_not_disturb'))) {
+	if (!(permission_exists('follow_me') || permission_exists('call_forward') || permission_exists('do_not_disturb'))) {
 		echo "access denied";
 		exit;
 	}
@@ -17,7 +17,7 @@

 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2023
+	Portions created by the Initial Developer are Copyright (C) 2008-2025
 	the Initial Developer. All Rights Reserved.

 	Contributor(s):
@@ -31,7 +31,7 @@
 	require_once "resources/paging.php";

 //check permissions
-	if (!(permission_exists('dialplan_view') || !permission_exists('inbound_route_view') || permission_exists('outbound_route_view'))) {
+	if (!(permission_exists('dialplan_view') || permission_exists('inbound_route_view') || permission_exists('outbound_route_view'))) {
 		echo "access denied";
 		exit;
 	}
@@ -29,7 +29,7 @@
 	require_once "resources/check_auth.php";

 //check permissions
-	if (!(permission_exists('fax_extension_add') || !permission_exists('fax_extension_edit') || permission_exists('fax_extension_delete'))) {
+	if (!(permission_exists('fax_extension_add') || permission_exists('fax_extension_edit') || permission_exists('fax_extension_delete'))) {
 		echo "access denied";
 		exit;
 	}
@@ -29,10 +29,7 @@
 	require_once "resources/check_auth.php";

 //check permissions
-	if (permission_exists('phrase_add') || permission_exists('phrase_edit')) {
-		//access granted
-	}
-	else {
+	if (!(permission_exists('phrase_add') || permission_exists('phrase_edit'))) {
 		echo "access denied";
 		exit;
 	}
@@ -30,11 +30,10 @@
 	require_once "resources/paging.php";

 //check permissions
-	if (!permission_exists('dialplan_add')
-		|| !permission_exists('inbound_route_add')
-		|| !permission_exists('outbound_route_add')
-		|| !permission_exists('time_condition_add')) {
-		//access granted
+	if (!(permission_exists('dialplan_add')
+		|| permission_exists('inbound_route_add')
+		|| permission_exists('outbound_route_add')
+		|| permission_exists('time_condition_add'))) {
 		echo "access denied";
 		exit;
 	}
@@ -149,4 +148,4 @@ if (is_uuid($sip_profile_uuid) && $sip_profile_name != '') {
 	header("Location: sip_profiles.php");
 	exit;

-?>
+?>
@@ -30,11 +30,11 @@ Con	Portions created by the Initial Developer are Copyright (C) 2008-2025
 	require_once "resources/check_auth.php";

 //check permissions
-	if (!permission_exists('system_view_info')
-		|| !permission_exists('system_view_cpu')
-		|| !permission_exists('system_view_hdd')
-		|| !permission_exists('system_view_ram')
-		|| !permission_exists('system_view_backup')) {
+	if (!(permission_exists('system_view_info')
+		|| permission_exists('system_view_cpu')
+		|| permission_exists('system_view_hdd')
+		|| permission_exists('system_view_ram')
+		|| permission_exists('system_view_backup'))) {
 		echo "access denied";
 		exit;
 	}
@@ -32,10 +32,7 @@
 	require_once "resources/paging.php";

 //check permisions
-	if (permission_exists('xml_cdr_view')) {
-		//access granted
-	}
-	else {
+	if (!permission_exists('xml_cdr_view')) {
 		echo "access denied";
 		exit;
 	}