From 4f32ee1841967c0b65ccf2aa5a485d50afa423e7 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Tue, 30 Oct 2018 15:49:55 +0100
Subject: [PATCH] relax access to admin action

Since we want to check the access to the Admin plugins on an individual
basis, we need to grant access to all logged in users at first. This
means a user could access the admin page, but would not see any plugins
available.
---
 inc/Action/Admin.php | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

diff --git a/inc/Action/Admin.php b/inc/Action/Admin.php
index eedf7174c..cc6dfd74f 100644
--- a/inc/Action/Admin.php
+++ b/inc/Action/Admin.php
@@ -15,22 +15,11 @@ class Admin extends AbstractUserAction {
 
     /** @inheritdoc */
     public function minimumPermission() {
-        global $INFO;
-
-        if($INFO['ismanager']) {
-            return AUTH_READ; // let in check later
-        } else {
-            return AUTH_ADMIN;
-        }
+        return AUTH_READ; // let in check later
     }
 
     public function checkPreconditions() {
         parent::checkPreconditions();
-
-        global $INFO;
-        if(!$INFO['ismanager']) {
-            throw new ActionException('denied');
-        }
     }
 
     public function preProcess() {
-- 
GitLab