Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The Auth Trait's restrictWithPermissions() method don't work when we pass more permissions than one in array #525

Closed
manageruz opened this issue Jun 5, 2022 · 1 comment
Closed

The Auth Trait's restrictWithPermissions() method don't work when we pass more permissions than one in array #525

manageruz opened this issue Jun 5, 2022 · 1 comment
Labels
bug

Comments

@manageruz
Copy link
Collaborator

manageruz commented Jun 5, 2022
edited
Loading

AuthTrait.php file

public function restrictWithPermissions($permissions, $uri = null)
{
       $this->setupAuthClasses();
        if ($this->authenticate->check() && $this->authorize->hasPermission($permissions, $this->authenticate->id())) {
            return true;
        }

       //rest of the code goes here ...
}

FlatAuthorization.php file

public function hasPermission($permission, int $userId)
{
        if (empty($permission) || (! is_string($permission) && ! is_numeric($permission))) {
            return null;
        }

        if (empty($userId) || ! is_numeric($userId)) {
            return null;
        }

        // Get the Permission ID
        $permissionId = $this->getPermissionID($permission);
         
       //rest of the code goes here ...       
}

As we can see there is no code to check if passed $permission variable is array or not. So if we pass array as value with more than one permissions, code will return always null
@manageruz manageruz added the bug label Jun 7, 2022
@MGatner
Copy link
Collaborator

MGatner commented Jul 12, 2022

Fixed in #481

@MGatner MGatner closed this as completed Jul 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MGatner @manageruz