From 50357d276a5f37698e122804eb6fa2ea73c928e6 Mon Sep 17 00:00:00 2001
From: Christian Boltz <postfixadmin@cboltz.de>
Date: Sun, 2 Nov 2014 21:19:54 +0000
Subject: [PATCH] list.php: - allow usage for users, not only admins

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1724 a1433add-5e2c-0410-b055-b7f2511e0802
---
 list.php | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/list.php b/list.php
index f64907ad..2dc4b5b1 100644
--- a/list.php
+++ b/list.php
@@ -36,14 +36,22 @@ $is_superadmin = 0;
 if (authentication_has_role('global-admin')) { # more permissions? Fine!
     $list_admins = array_keys(list_admins());
     $is_superadmin = 1;
-    $username = safepost('username', safeget('username', authentication_get_username())); # prefer POST over GET variable
+    $username = safepost('username', safeget('username', $username)); # prefer POST over GET variable
 }
 
-$handler = new $handlerclass(0, $username);
+$is_admin = authentication_has_role('admin');
+
+$handler = new $handlerclass(0, $username, $is_admin);
 
 $formconf = $handler->webformConfig();
 
-authentication_require_role($formconf['required_role']);
+if ($is_admin) {
+    authentication_require_role($formconf['required_role']);
+} else {
+    if (empty($formconf['user_hardcoded_field'])) {
+        die($handlerclass . ' is not available for users');
+    }
+}
 
 $handler->getList('');
 $items = $handler->result();