Skip to content

Commit

Permalink
make Group use tri-state can* extension hooks, fixes #9580
Browse files Browse the repository at this point in the history
  • Loading branch information
@xini
xini committed Apr 11, 2023
1 parent 2c874a1 commit 41c4b4e
Showing 1 changed file with 12 additions and 18 deletions.
30 changes: 12 additions & 18 deletions src/Security/Group.php
View file
Expand Up @@ -583,12 +583,10 @@ public function canEdit($member = null)
$member = Security::getCurrentUser();
}

// extended access checks
$results = $this->extend('canEdit', $member);
if ($results && is_array($results)) {
if (!min($results)) {
return false;
}
// check for extensions, we do this first as they can overrule everything
$extended = $this->extendedCan(__FUNCTION__, $member);
if ($extended !== null) {
return $extended;
}

if (// either we have an ADMIN
Expand Down Expand Up @@ -619,12 +617,10 @@ public function canView($member = null)
$member = Security::getCurrentUser();
}

// extended access checks
$results = $this->extend('canView', $member);
if ($results && is_array($results)) {
if (!min($results)) {
return false;
}
// check for extensions, we do this first as they can overrule everything
$extended = $this->extendedCan(__FUNCTION__, $member);
if ($extended !== null) {
return $extended;
}

// user needs access to CMS_ACCESS_SecurityAdmin
Expand All @@ -641,12 +637,10 @@ public function canDelete($member = null)
$member = Security::getCurrentUser();
}

// extended access checks
$results = $this->extend('canDelete', $member);
if ($results && is_array($results)) {
if (!min($results)) {
return false;
}
// check for extensions, we do this first as they can overrule everything
$extended = $this->extendedCan(__FUNCTION__, $member);
if ($extended !== null) {
return $extended;
}

return $this->canEdit($member);
Expand Down

0 comments on commit 41c4b4e

Please sign in to comment.