From 390f18e96393de2bbbfe1f745ed37e8ed9509268 Mon Sep 17 00:00:00 2001 From: miguel angel rasteu Date: Tue, 23 May 2023 10:53:08 +0200 Subject: [PATCH] #11317 Fix ACL Check --- pandora_console/extensions/module_groups.php | 2 +- pandora_console/general/logon_ok.php | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/pandora_console/extensions/module_groups.php b/pandora_console/extensions/module_groups.php index e554b34b51..6d7ac7e4f6 100644 --- a/pandora_console/extensions/module_groups.php +++ b/pandora_console/extensions/module_groups.php @@ -31,7 +31,7 @@ global $config; check_login(); // ACL Check. -if (!check_acl($config['id_user'], 0, 'AR')) { +if (check_acl($config['id_user'], 0, 'AR') === 0 && check_acl($config['id_user'], 0, 'RR') === 0) { db_pandora_audit( AUDIT_LOG_ACL_VIOLATION, 'Trying to access Module Groups view' diff --git a/pandora_console/general/logon_ok.php b/pandora_console/general/logon_ok.php index d50fc33336..9ba59c0820 100644 --- a/pandora_console/general/logon_ok.php +++ b/pandora_console/general/logon_ok.php @@ -33,6 +33,15 @@ require_once 'include/config.php'; global $config; check_login(); +// ACL Check. +if (check_acl($config['id_user'], 0, 'AR') === 0) { + db_pandora_audit( + AUDIT_LOG_ACL_VIOLATION, + 'Trying to access Default view' + ); + include 'general/noaccess.php'; + exit; +} require_once 'include/functions_reporting.php'; require_once 'include/functions_tactical.php';
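Review bot: The new guard in module_groups.php denies access only when `check_acl()` returns exactly integer `0`, so any other falsy result (`false`, `null`, `'0'`) would fall through and grant the view, whereas the removed `!check_acl(...)` denied on all of them. `check_acl()` is defined outside this diff, so its return type cannot be confirmed here. Unless it is guaranteed to return an int on every path, keep the check fail-closed: `if (!check_acl($config['id_user'], 0, 'AR') && !check_acl($config['id_user'], 0, 'RR')) {`. The same `=== 0` comparison appears in the block added to logon_ok.php and should become `if (!check_acl($config['id_user'], 0, 'AR')) {` there.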
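Review bot: The check added to logon_ok.php accepts only `AR`, while the module_groups.php hunk in this same commit accepts `AR` or `RR`, so a report-only user passes one guard and is refused on the default view. If that page is what users reach right after login (not visible here), every such login would also write an `AUDIT_LOG_ACL_VIOLATION` record, burying real violations in routine noise. If AR-only is intended, say so in the comment, e.g. `// ACL Check: the default view requires agent read (AR); RR alone is not enough.`; otherwise align the condition with module_groups.php.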