a super user can change other groups
andrepereiradasilva committed Jun 9, 2016
1 parent e4ef8fb commit 407f64d
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions administrator/components/com_config/model/application.php
Expand Up @@ -403,15 +403,18 @@ public function storePermissions($permission = null)

return false;
}

// Check if changed group has Super User permissions.
$isSuperUserGroup = JAccess::checkGroup($permission['rule'], 'core.admin');

// Check if current user belongs to changed group.
$currentUserBelongsToGroup = in_array($permission['rule'], $user->groups) ? true : false;

// If changed group has Super User permissions.
if ($isSuperUserGroup && !$currentUserBelongsToGroup)
// Check if current user belongs to changed group.
$currentUserSuperUser = $user->authorise('core.admin');

// If changed group has Super User permissions and current user is not user: can't change.
if (!$currentUserSuperUser && $isSuperUserGroup && !$currentUserBelongsToGroup)
{
// TO DO: language var
$app->enqueueMessage('You\'re not allowed to change permissions of a super user group.', 'error');
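Review bot: The comment above the new `$currentUserSuperUser = $user->authorise('core.admin');` line is a copy of the one on the group-membership check and does not describe it; it should read `// Check if current user has Super User permissions.`, and the comment on the new condition should end `and current user is not a Super User: can't change.` This condition is the guard that keeps a non-Super User from editing a Super User group's permissions, so the comments need to state exactly which check is which. On the unchanged membership line, `in_array($permission['rule'], $user->groups)` compares loosely; if `$permission['rule']` comes from the request (not visible here), normalising the group id to one type and passing `true` as the third argument would keep the value tested by `JAccess::checkGroup()` and the membership test identical. storePermissions() starts and ends outside the hunk.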
