leonardo/yii2-usuario
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Avoid totally rewriting of AccessRule::matchRole - try nr2 #380

Browse Source
This commit is contained in:
Lorenzo Milesi
2020-07-26 09:32:08 +02:00
parent 8adbffeb3f
commit a991801f3e
2 changed files with 13 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -1,6 +1,7 @@
# CHANGELOG
## work in progress
- Fix #380: Avoid rewriting AccessRule::matchRole (maxxer)
- Fix #378: Add module attribute 'disableIpLogging' (jkmssoft)
## 1.5.1 April 5, 2020

27
src/User/Filter/AccessRuleFilter.php
View File

@ -52,36 +52,19 @@ class AccessRuleFilter extends AccessRule
protected function matchRole($user)
{
if (empty($this->roles)) {
return true;
return parent::matchRole($user);
}
foreach ($this->roles as $role) {
if ($role === '?') {
if ($user->getIsGuest()) {
return true;
// We just check our custom role "admin" otherwise call back the original implementation
if (!in_array("admin", $this->roles)) {
return parent::matchRole($user);
}
} elseif ($role === '@') {
if (!$user->getIsGuest()) {
return true;
}
} elseif ($role === 'admin') {
/** @var User $identity */
$identity = $user->getIdentity();
if (!$user->getIsGuest() && $identity->getIsAdmin()) {
return true;
}
} else {
$roleParams = $this->roleParams instanceof Closure
? call_user_func($this->roleParams, $this)
: $this->roleParams;
if ($user->can($role, $roleParams)) {
return true;
}
}
}
return false;
return parent::matchRole($user);
}
}