From e7db797575d1fb770673de1a9bb1f906f9e2bf6e Mon Sep 17 00:00:00 2001
From: thom <thom@amsterdamtech.nl>
Date: Fri, 31 Jul 2020 12:42:04 +0200
Subject: [PATCH] Make client protection configurable (#4048)

---
 install/tpl/system.ini.master                 |  1 +
 interface/web/sites/web_vhost_domain_edit.php | 12 +++++++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master
index d6dfa18f47..05fb917875 100644
--- a/install/tpl/system.ini.master
+++ b/install/tpl/system.ini.master
@@ -1,4 +1,5 @@
 [global]
+client_protection=y
 
 [admin]
 
diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php
index cc476a2276..f5a66340a0 100644
--- a/interface/web/sites/web_vhost_domain_edit.php
+++ b/interface/web/sites/web_vhost_domain_edit.php
@@ -1376,11 +1376,17 @@ class page_action extends tform_actions {
 	function onAfterInsert() {
 		global $app, $conf;
 
-		// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
+		// make sure that the record belongs to the client group and not the admin group when admin inserts it
 		// also make sure that the user can not delete domain created by a admin
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
-			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
-			$app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
+  	  $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
+	  	$app->uses('getconf');
+	  	$global_config = $app->getconf->get_global_config('global');
+	  	if($global_config['client_protection'] == 'y') {
+		    $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
+			  else
+				$app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id);
+			}
 		}
 		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
-- 
GitLab