Jingga/phpOMS
1
0
Fork 0
mirror of https://github.com/Karaka-Management/phpOMS.git synced 2026-03-07 08:28:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix permission handling in routing and permission check

Browse Source
This commit is contained in:
Dennis Eichhorn 2020-08-11 20:37:15 +02:00
parent 16961aaff6
commit 018fbd3771
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Account/PermissionAbstract.php
View File

@ -407,13 +407,14 @@ class PermissionAbstract implements \JsonSerializable
int $element = null,
int $component = null
) {
return ($unit === null || $this->unit === null || $this->unit === $unit)
return $permission === PermissionType::NONE ||
(($unit === null || $this->unit === null || $this->unit === $unit)
&& ($app === null || $this->app === null || $this->app === $app)
&& ($module === null || $this->module === null || $this->module === $module)
&& ($type === null || $this->type === null || $this->type === $type)
&& ($element === null || $this->element === null || $this->element === $element)
&& ($component === null || $this->component === null || $this->component === $component)
&& ($this->permission | $permission) === $this->permission;
&& ($this->permission | $permission) === $this->permission);
}
/**

2
Router/WebRouter.php
View File

@ -139,7 +139,7 @@ final class WebRouter implements RouterInterface
if ((isset($d['permission']) && $account === null)
|| (isset($d['permission'])
&& !$account->hasPermission(
$d['permission']['type'] ?? null, $orgId, $app, $d['permission']['module'] ?? null, $d['permission']['state'] ?? null
$d['permission']['type'] ?? 0, $d['permission']['unit'] ?? $orgId, $app, $d['permission']['module'] ?? null, $d['permission']['state'] ?? null
)
)
) {