From ef8e0c78b50cc4bc2492fa58e96feb2115dbab94 Mon Sep 17 00:00:00 2001
From: javilanz <noreply@pandorafms.org>
Date: Tue, 15 Feb 2011 15:18:23 +0000
Subject: [PATCH] 2011-02-15 Javier Lanz <javier.lanz@argica.es> 	*
 godmode/groups/group_list.php: Fixed ACL checkings

	Fix #3175824


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3851 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     | 5 +++++
 pandora_console/godmode/groups/group_list.php | 8 ++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 688dc50b27..e428124fe6 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,8 @@
+2011-02-15 Javier Lanz <javier.lanz@argica.es>
+	* godmode/groups/group_list.php: Fixed ACL checkings
+
+	Fix #3175824
+
 2011-02-15 Miguel de Dios  <miguel.dedios@artica.es>
 
 	* include/functions_db.php: added in function "get_agent_modules" the
diff --git a/pandora_console/godmode/groups/group_list.php b/pandora_console/godmode/groups/group_list.php
index 388679bf61..0b0f3f9596 100644
--- a/pandora_console/godmode/groups/group_list.php
+++ b/pandora_console/godmode/groups/group_list.php
@@ -22,8 +22,12 @@ check_login();
 require_once("include/functions_groups.php");
 
 if (is_ajax ()) {
-	check_acl($config['id_user'], 0, "AR");
-	
+	if (! give_acl($config['id_user'], 0, "AR")) {
+		pandora_audit("ACL Violation", "Trying to access Group Management");
+		require ("general/noaccess.php");
+		return;
+	}
+
 	$get_group_json = (bool) get_parameter ('get_group_json');
 	$get_group_agents = (bool) get_parameter ('get_group_agents');