Skip to content
Snippets Groups Projects
Unverified Commit f01c93e1 authored by Sxderp's avatar Sxderp Committed by GitHub
Browse files

Extend #6229 to include superuser permission check (#6772)

parent 26b97d2b
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 20 additions and 26 deletions
app/Models/User.php
+ 20
26
View file @ f01c93e1
...@@ -114,20 +114,12 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo ...@@ -114,20 +114,12 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
/** /**
* Check user permissions * Internally check the user permission for the given section
* *
* Parses the user and group permission masks to see if the user
* is authorized to do the thing
*
* @author A. Gianotto <snipe@snipe.net>
* @since [v1.0]
* @return boolean * @return boolean
*/ */
public function hasAccess($section) protected function checkPermissionSection($section)
{ {
if ($this->isSuperUser()) {
return true;
}
$user_groups = $this->groups; $user_groups = $this->groups;
...@@ -159,31 +151,33 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo ...@@ -159,31 +151,33 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
} }
/** /**
* Checks if the user is a SuperUser * Check user permissions
*
* Parses the user and group permission masks to see if the user
* is authorized to do the thing
* *
* @author A. Gianotto <snipe@snipe.net> * @author A. Gianotto <snipe@snipe.net>
* @since [v1.0] * @since [v1.0]
* @return boolean * @return boolean
*/ */
public function isSuperUser() public function hasAccess($section)
{ {
if (!$user_permissions = json_decode($this->permissions, true)) { if ($this->isSuperUser()) {
return false;
}
foreach ($this->groups as $user_group) {
$group_permissions = json_decode($user_group->permissions, true);
$group_array = (array)$group_permissions;
if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
return true; return true;
} }
return $this->checkPermissionSection($section);
} }
if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) { /**
return true; * Checks if the user is a SuperUser
} *
* @author A. Gianotto <snipe@snipe.net>
return false; * @since [v1.0]
* @return boolean
*/
public function isSuperUser()
{
return $this->checkPermissionSection('superuser');
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment