Revert "Avoid totally rewriting of AccessRule::matchRole #380"
This reverts commit 78bd5f9de8.
This commit is contained in:
Lorenzo Milesi
@ -1,7 +1,6 @@
|
||||
# CHANGELOG
|
||||
|
||||
## work in progress
|
||||
- Fix #380: Avoid rewriting AccessRule::matchRole (maxxer)
|
||||
- Fix #378: Add module attribute 'disableIpLogging' (jkmssoft)
|
||||
|
||||
## 1.5.1 April 5, 2020
|
||||
|
||||
@ -48,21 +48,38 @@ class AccessRuleFilter extends AccessRule
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
**/
|
||||
* */
|
||||
protected function matchRole($user)
|
||||
{
|
||||
if (empty($this->roles)) {
|
||||
return parent::matchRole($user);
|
||||
return true;
|
||||
}
|
||||
|
||||
// We just check our custom role "admin" otherwise call back the original implementation
|
||||
if (!in_array("admin", $this->roles)) {
|
||||
return parent::matchRole($user);
|
||||
}
|
||||
/** @var User $identity */
|
||||
$identity = $user->getIdentity();
|
||||
if (!$user->getIsGuest() && $identity->getIsAdmin()) {
|
||||
return true;
|
||||
foreach ($this->roles as $role) {
|
||||
if ($role === '?') {
|
||||
if ($user->getIsGuest()) {
|
||||
return true;
|
||||
}
|
||||
} elseif ($role === '@') {
|
||||
if (!$user->getIsGuest()) {
|
||||
return true;
|
||||
}
|
||||
} elseif ($role === 'admin') {
|
||||
/** @var User $identity */
|
||||
$identity = $user->getIdentity();
|
||||
|
||||
if (!$user->getIsGuest() && $identity->getIsAdmin()) {
|
||||
return true;
|
||||
}
|
||||
} else {
|
||||
$roleParams = $this->roleParams instanceof Closure
|
||||
? call_user_func($this->roleParams, $this)
|
||||
: $this->roleParams;
|
||||
|
||||
if ($user->can($role, $roleParams)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
|
||||
Reference in New Issue
Block a user