diff --git a/app/Models/User.php b/app/Models/User.php
index 2898d45a6a91b538a0a646e2d3a4f70a9229f8bd..8f86811c8105e0e45bf992e5fd81a993372cf27b 100755
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -114,20 +114,12 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
/**
- * Check user permissions
+ * Internally check the user permission for the given section
*
- * Parses the user and group permission masks to see if the user
- * is authorized to do the thing
- *
- * @author A. Gianotto <snipe@snipe.net>
- * @since [v1.0]
* @return boolean
*/
- public function hasAccess($section)
+ protected function checkPermissionSection($section)
{
- if ($this->isSuperUser()) {
- return true;
- }
$user_groups = $this->groups;
@@ -159,31 +151,33 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
}
/**
- * Checks if the user is a SuperUser
+ * Check user permissions
+ *
+ * Parses the user and group permission masks to see if the user
+ * is authorized to do the thing
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return boolean
*/
- public function isSuperUser()
+ public function hasAccess($section)
{
- if (!$user_permissions = json_decode($this->permissions, true)) {
- return false;
- }
-
- foreach ($this->groups as $user_group) {
- $group_permissions = json_decode($user_group->permissions, true);
- $group_array = (array)$group_permissions;
- if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
- return true;
- }
- }
-
- if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) {
+ if ($this->isSuperUser()) {
return true;
}
+ return $this->checkPermissionSection($section);
+ }
- return false;
+ /**
+ * Checks if the user is a SuperUser
+ *
+ * @author A. Gianotto <snipe@snipe.net>
+ * @since [v1.0]
+ * @return boolean
+ */
+ public function isSuperUser()
+ {
+ return $this->checkPermissionSection('superuser');
}