From 6a47d38e221f8551ef9019cb2dc99d004cb30ffe Mon Sep 17 00:00:00 2001
From: Michael M Slusarz <slusarz@curecanti.org>
Date: Wed, 19 Aug 2009 12:08:08 -0600
Subject: [PATCH] Bug #8475: Fix SHOW permissions if not authenticated to app

---
 framework/Core/lib/Horde/Registry.php | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php
index 0493247a6..59b764193 100644
--- a/framework/Core/lib/Horde/Registry.php
+++ b/framework/Core/lib/Horde/Registry.php
@@ -969,9 +969,17 @@ class Horde_Registry
         /* Always do isAuthenticated() check first. You can be an admin, but
          * application auth != Horde admin auth. */
         if (!Horde_Auth::isAuthenticated(array('app' => $app))) {
-            /* There can *never* be guest access to an application that
-             * requires authentication. */
-            return false;
+            /* There can *never* be non-SHOW guest access to an application
+             * that requires authentication. */
+            if ($perms != PERMS_SHOW) {
+                return false;
+            }
+
+            /* Otherwise, allow SHOW access for admins, for apps that do not
+             * have any explicit permissions, or for apps that allow SHOW. */
+            return Horde_Auth::isAdmin() ||
+                !$GLOBALS['perms']->exists($app) ||
+                $GLOBALS['perms']->hasPermission($app, Horde_Auth::getAuth(), $perms);
         }
 
         /* Admins always are authorized. */
-- 
2.11.0