From 6f1d186287045677e24c646a9f8a5aa50bd7470f Mon Sep 17 00:00:00 2001
From: Denis Flaven <denis.flaven@combodo.com>
Date: Tue, 1 Sep 2015 12:55:46 +0000
Subject: [PATCH] #1137: portal configuration was too limited. Now one "allow"
 profile is enough to allow access to a given portal.

SVN:trunk[3706]
---
 application/portaldispatcher.class.inc.php | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/application/portaldispatcher.class.inc.php b/application/portaldispatcher.class.inc.php
index 4f80c605e..0a9cc5d4f 100644
--- a/application/portaldispatcher.class.inc.php
+++ b/application/portaldispatcher.class.inc.php
@@ -12,6 +12,7 @@ class PortalDispatcher
 	
 	public function IsUserAllowed()
 	{
+		$bRet = true;
 		if (array_key_exists('profile_list', $_SESSION))
 		{
 			$aProfiles = $_SESSION['profile_list'];
@@ -35,15 +36,21 @@ class PortalDispatcher
 				return false;
 			}
 		}
+		// If there are some "allow" profiles, then by default the result is false
+		// since the user must have at least one of the profiles to be allowed
+		if (count($this->aData['allow']) > 0)
+		{
+			$bRet = false;
+		}
 		foreach($this->aData['allow'] as $sAllowProfile)
 		{
-			// if one required profile is missing, it's enough => return false
-			if (!in_array($sAllowProfile, $aProfiles))
+			// If one "allow" profile is present, it's enough => return true
+			if (in_array($sAllowProfile, $aProfiles))
 			{
-				return false;
+				return true;
 			}
 		}
-		return true;
+		return $bRet;
 	}
 	
 	public function GetURL()