From 7da08121868ce6922151e13246f82e8935a6cc51 Mon Sep 17 00:00:00 2001
From: Julien Veyssier <eneiluj@posteo.net>
Date: Wed, 28 Feb 2018 20:26:03 +0100
Subject: [PATCH] Do not throw AppNotEnabledException for app public pages -
 refs #6962, refs #5309

It allows non-logged user to access public pages of applications restricted to a group

Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
---
 .../AppFramework/Middleware/Security/SecurityMiddleware.php    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
index bb3083c835..4af39c99db 100644
--- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
@@ -195,8 +195,9 @@ class SecurityMiddleware extends Middleware {
 		 * Checks if app is enabled (also includes a check whether user is allowed to access the resource)
 		 * The getAppPath() check is here since components such as settings also use the AppFramework and
 		 * therefore won't pass this check.
+		 * If page is public, app does not need to be enabled for current user/visitor
 		 */
-		if(\OC_App::getAppPath($this->appName) !== false && !$this->appManager->isEnabledForUser($this->appName)) {
+		if(\OC_App::getAppPath($this->appName) !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) {
 			throw new AppNotEnabledException();
 		}