From 8ab38854a8494926b39e01eb87c45636c6fa9f57 Mon Sep 17 00:00:00 2001
From: odain-cbd <56586767+odain-cbd@users.noreply.github.com>
Date: Tue, 8 Mar 2022 18:21:40 +0100
Subject: [PATCH] =?UTF-8?q?N=C2=B04920=20-=20Fix=20"undefined=20index"=20n?=
 =?UTF-8?q?otice=20in=20user=20rights=20(#271)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../userrightsprofile.class.inc.php           | 36 ++++++++++---------
 1 file changed, 19 insertions(+), 17 deletions(-)

diff --git a/addons/userrights/userrightsprofile.class.inc.php b/addons/userrights/userrightsprofile.class.inc.php
index 15155db7e6..4d2b352d22 100644
--- a/addons/userrights/userrightsprofile.class.inc.php
+++ b/addons/userrights/userrightsprofile.class.inc.php
@@ -23,7 +23,7 @@ define('PORTAL_PROFILE_NAME', 'Portal user');
 class UserRightsBaseClassGUI extends cmdbAbstractObject
 {
 	// Whenever something changes, reload the privileges
-	
+
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -73,7 +73,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	}
 
 	protected static $m_aCacheProfiles = null;
-	
+
 	public static function DoCreateProfile($sName, $sDescription)
 	{
 		if (is_null(self::$m_aCacheProfiles))
@@ -85,7 +85,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheProfiles[$oProfile->Get('name')] = $oProfile->GetKey();
 			}
-		}	
+		}
 
 		$sCacheKey = $sName;
 		if (isset(self::$m_aCacheProfiles[$sCacheKey]))
@@ -96,10 +96,10 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('name', $sName);
 		$oNewObj->Set('description', $sDescription);
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheProfiles[$sCacheKey] = $iId;	
+		self::$m_aCacheProfiles[$sCacheKey] = $iId;
 		return $iId;
 	}
-	
+
 	function GetGrantAsHtml($oUserRights, $sClass, $sAction)
 	{
 		$bGrant = $oUserRights->GetProfileActionGrant($this->GetKey(), $sClass, $sAction);
@@ -116,7 +116,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			return '<span style="background-color: #ffdddd;">'.Dict::S('UI:UserManagement:ActionAllowed:No').'</span>';
 		}
 	}
-	
+
 	function DoShowGrantSumary($oPage)
 	{
 		if ($this->GetRawName() == "Administrator")
@@ -128,7 +128,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 
 		// Note: for sure, we assume that the instance is derived from UserRightsProfile
 		$oUserRights = UserRights::GetModuleInstance();
-	
+
 		$aDisplayData = array();
 		foreach (MetaModel::GetClasses('bizmodel,grant_by_profile') as $sClass)
 		{
@@ -137,12 +137,12 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				$bGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if ($bGrant === true)
-				{ 
+				{
 					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
-			
+
 			$aDisplayData[] = array(
 				'class' => MetaModel::GetName($sClass),
 				'read' => $this->GetGrantAsHtml($oUserRights, $sClass, 'r'),
@@ -154,7 +154,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				'stimuli' => $sStimuli,
 			);
 		}
-	
+
 		$aDisplayConfig = array();
 		$aDisplayConfig['class'] = array('label' => Dict::S('UI:UserManagement:Class'), 'description' => Dict::S('UI:UserManagement:Class+'));
 		$aDisplayConfig['read'] = array('label' => Dict::S('UI:UserManagement:Action:Read'), 'description' => Dict::S('UI:UserManagement:Action:Read+'));
@@ -214,7 +214,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	 * @param $aReasons array To store the reasons why the attribute is read-only (info about the synchro replicas)
 	 * @param $sTargetState string The target state in which to evalutate the flags, if empty the current state will be used
 	 * @return integer Flags: the binary combination of the flags applicable to this attribute
-	 */	 	  	 	
+	 */
 	public function GetAttributeFlags($sAttCode, &$aReasons = array(), $sTargetState = '')
 	{
 		$iFlags = parent::GetAttributeFlags($sAttCode, $aReasons, $sTargetState);
@@ -397,7 +397,7 @@ class URP_UserOrg extends UserRightsBaseClassGUI
 	{
 		if (!UserRights::IsLoggedIn() || UserRights::IsAdministrator()) { return; }
 
-		$oUser = UserRights::GetUserObject();		
+		$oUser = UserRights::GetUserObject();
 		$oAddon = UserRights::GetModuleInstance();
 		$aOrgs = $oAddon->GetUserOrgs($oUser, '');
 		if (count($aOrgs) > 0)
@@ -521,7 +521,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 				$oSearch->AllowAllData();
 				$oCondition = new BinaryExpression(new FieldExpression('userid'), '=', new VariableExpression('userid'));
 				$oSearch->AddConditionExpression($oCondition);
-				
+
 				$oUserOrgSet = new DBObjectSet($oSearch, array(), array('userid' => $iUser));
 				while ($oUserOrg = $oUserOrgSet->Fetch())
 				{
@@ -646,8 +646,10 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		// load and cache permissions for the current user on the given class
 		//
 		$iUser = $oUser->GetKey();
-		$aTest = @$this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
-		if (is_array($aTest)) return $aTest;
+		if (isset($this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode])){
+			$aTest = $this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
+			if (is_array($aTest)) return $aTest;
+		}
 
 		$sAction = self::$m_aActionCodes[$iActionCode];
 
@@ -813,8 +815,8 @@ class UserRightsProfile extends UserRightsAddOnAPI
 
 	/**
 	 * Find out which attribute is corresponding the the dimension 'owner org'
-	 * returns null if no such attribute has been found (no filtering should occur)	 
-	 */	 	
+	 * returns null if no such attribute has been found (no filtering should occur)
+	 */
 	public static function GetOwnerOrganizationAttCode($sClass)
 	{
 		$sAttCode = null;