Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Dev: Apply canEdit() to getManagementButtons() too
  • Loading branch information
olleharstedt committed Sep 21, 2022
1 parent e4f3ede commit 5628fdf
Showing 1 changed file with 1 addition and 7 deletions.
8 changes: 1 addition & 7 deletions application/models/User.php
Expand Up @@ -653,13 +653,7 @@ class='btn btn-default btn-sm UserManagement--action--openmodal UserManagement--
$buttonArray[] = $userDetail;
}
// Check if user is editable
if (
$this->uid == Yii::app()->user->getId() //One can edit onesself of course
|| (
Permission::model()->hasGlobalPermission('users', 'update') //Global permission to edit users given
&& $this->parent_id == Yii::app()->session['loginID'] //AND User is owned by admin
)
) {
if ($this->canEdit(Yii::app()->session['loginID'])) {
$buttonArray[] = $editUserButton;
}

Expand Down

0 comments on commit 5628fdf

Please sign in to comment.