From 24c3dd73fe3f4cfe2f360f83463edfc2be8c5ca9 Mon Sep 17 00:00:00 2001
From: Imanol Losada <imanol.losada@gmail.com>
Date: Mon, 30 Mar 2015 15:07:03 -0500
Subject: [PATCH] Fix 'prevent_session_admins_to_manage_all_users' feature
 (1.10.x) - refs BT#9324

---
 main/admin/add_users_to_session.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/main/admin/add_users_to_session.php b/main/admin/add_users_to_session.php
index 4f81e5f6d1..84ce12bf42 100755
--- a/main/admin/add_users_to_session.php
+++ b/main/admin/add_users_to_session.php
@@ -411,7 +411,9 @@ if ($ajax_search) {
             }
         }
     }
-
+    if (api_is_session_admin() && api_get_setting('prevent_session_admins_to_manage_all_users') === 'true') {
+        $order_clause = " AND u.creator_id = " . api_get_user_id() . $order_clause;
+    }
     if ($use_extra_fields) {
         $sql = "SELECT  user_id, lastname, firstname, username, id_session, official_code
                FROM $tbl_user u