-
-
Notifications
You must be signed in to change notification settings - Fork 373
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question about LaratrustUserTrait::can #7
Comments
If my train of thought is correct, to fix it all that needs to be done is if (is_array($permission)) {
// --- BEGIN CHANGES ---
if(empty($permissions)) {
return true;
}
// --- END CHANGES ---
foreach ($permission as $permName) {
$hasPerm = $this->can($permName);
if ($hasPerm && !$requireAll) {
return true;
} elseif (!$hasPerm && $requireAll) {
return false;
}
}
// If we've made it this far and $requireAll is FALSE, then NONE of the perms were found
// If we've made it this far and $requireAll is TRUE, then ALL of the perms were found.
// Return the value of $requireAll;
return $requireAll;
} in |
But why would you do something like this |
I don't have a good example, but let's give it a try:
If a room has no lockable doors, the Back to the reality: We can have a system which works as described above and a set of required permissions(or roles) can be empty so we would do I hope I'm talking sense. |
@KKSzymanowski I got your point. I'll change that |
a3fadd3 solves this |
UPDATE: Probably the same question for
hasRole()
I was wondering, shouldn't
$user->can([])
returntrue
when user has no permissions?Example:
We have some collection of Things. Every one of the Things requires one from a set of permissions to access. Some of them don't require any permissions to access.
When a User doesn't have any permissions, he should still access the Thing that requires no permissions.
With current algorithm, in previously mentioned case User is forbidden to do that, because we return
$requireAll
which isfalse
.The text was updated successfully, but these errors were encountered: