Extend #6229 to include superuser permission check (#6772)

f01c93e1 · Sxderp · GitHub · 26b97d2b · f01c93e1
Unverified Commit f01c93e1 authored Apr 6, 2021 by Sxderp Committed by GitHub Apr 6, 2021
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -114,20 +114,12 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo


    /**
-     * Check user permissions
+     * Internally check the user permission for the given section
     *
-     * Parses the user and group permission masks to see if the user
-     * is authorized to do the thing
-     *
-     * @author A. Gianotto <snipe@snipe.net>
-     * @since [v1.0]
     * @return boolean
     */
-    public function hasAccess($section)
+    protected function checkPermissionSection($section)
    {
-        if ($this->isSuperUser()) {
-            return true;
-        }
        $user_groups = $this->groups;


@@ -159,31 +151,33 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
    }

    /**
-     * Checks if the user is a SuperUser
+     * Check user permissions
+     *
+     * Parses the user and group permission masks to see if the user
+     * is authorized to do the thing
     *
     * @author A. Gianotto <snipe@snipe.net>
     * @since [v1.0]
     * @return boolean
     */
-    public function isSuperUser()
+    public function hasAccess($section)
    {
-        if (!$user_permissions = json_decode($this->permissions, true)) {
-            return false;
-        }
-
-        foreach ($this->groups as $user_group) {
-            $group_permissions = json_decode($user_group->permissions, true);
-            $group_array = (array)$group_permissions;
-            if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
+        if ($this->isSuperUser()) {
            return true;
        }
+        return $this->checkPermissionSection($section);
    }

-        if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) {
-            return true;
-        }
-
-        return false;
+    /**
+     * Checks if the user is a SuperUser
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v1.0]
+     * @return boolean
+     */
+    public function isSuperUser()
+    {
+        return $this->checkPermissionSection('superuser');
    }