eessppeelllloo/grav
1
0
Fork 0
mirror of https://github.com/getgrav/grav.git synced 2025-12-05 23:39:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Minor bug fixes/improvements on $user->authorize()

Browse Source
This commit is contained in:
Matias Griese
2019-11-13 15:17:37 +02:00
parent 0d4afd7a37
commit aaa3976e5a
5 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
system/src/Grav/Common/Twig/TwigExtension.php
View File

@@ -1058,7 +1058,7 @@ class TwigExtension extends AbstractExtension implements GlobalsInterface
continue;
}
$auth = $user->authorize($act);
$auth = $user->authorize($act) ?? false;
if (is_bool($auth) && $auth === Utils::isPositive($authenticated)) {
return true;
}

2
system/src/Grav/Common/User/DataUser/User.php
View File

@@ -243,7 +243,7 @@ class User extends Data implements UserInterface
{
user_error(__CLASS__ . '::' . __FUNCTION__ . '() is deprecated since Grav 1.5, use authorize() method instead', E_USER_DEPRECATED);
return $this->authorize($action);
return $this->authorize($action) ?? false;
}
/**

2
system/src/Grav/Common/User/DataUser/UserCollection.php
View File

@@ -95,7 +95,7 @@ class UserCollection implements UserCollectionInterface
if (Utils::endsWith($file, YAML_EXT)) {
$find_user = $this->load(trim(pathinfo($file, PATHINFO_FILENAME)));
foreach ($fields as $field) {
if ($find_user[$field] === $query) {
if (isset($find_user[$field]) && $find_user[$field] === $query) {
return $find_user;
}
}

2
system/src/Grav/Common/User/FlexUser/User.php
View File

@@ -586,7 +586,7 @@ class User extends FlexObject implements UserInterface, MediaManipulationInterfa
{
user_error(__CLASS__ . '::' . __FUNCTION__ . '() is deprecated since Grav 1.5, use ->authorize() method instead', E_USER_DEPRECATED);
return $this->authorize($action);
return $this->authorize($action) ?? false;
}
/**

7
system/src/Grav/Framework/Flex/Traits/FlexAuthorizeTrait.php
View File

@@ -35,7 +35,12 @@ trait FlexAuthorizeTrait
protected function isAuthorizedSuperAdmin(UserInterface $user): bool
{
return $user->authorize('admin.super');
// Action authorization includes super user authorization if using Flex Users.
if ($user instanceof FlexObjectInterface) {
return false;
}
return $user->authorize('admin.super') ?? false;
}
protected function isAuthorizedAction(UserInterface $user, string $action, string $scope = null): bool