From 133b7fedbff3ce8d5f4eb6d150e204f615862476 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?= <felix@dogcraft.de>
Date: Sun, 15 Mar 2015 09:25:08 +0100
Subject: [PATCH] Fix: only allow affiliating with org when user is assurer.

---
 src/org/cacert/gigi/pages/orga/AffiliationForm.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/org/cacert/gigi/pages/orga/AffiliationForm.java b/src/org/cacert/gigi/pages/orga/AffiliationForm.java
index 0191756f..ad988895 100644
--- a/src/org/cacert/gigi/pages/orga/AffiliationForm.java
+++ b/src/org/cacert/gigi/pages/orga/AffiliationForm.java
@@ -39,7 +39,7 @@ public class AffiliationForm extends Form {
             }
         } else if (req.getParameter("do_affiliate") != null) {
             User byEmail = User.getByEmail(req.getParameter("email"));
-            if (byEmail != null) {
+            if (byEmail != null && byEmail.canAssure()) {
                 o.addAdmin(byEmail, LoginPage.getUser(req), req.getParameter("master") != null);
                 return true;
             }
-- 
2.39.2