Extend #6229 to include superuser permission check (#6772)

Sxderp · web-flow · commit f01c93e16206 · 2021-04-05T20:26:06.000-07:00
diff --git a/app/Models/User.php b/app/Models/User.php
@@ -114,20 +114,12 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
 
 
     /**
-     * Check user permissions
+     * Internally check the user permission for the given section
      *
-     * Parses the user and group permission masks to see if the user
-     * is authorized to do the thing
-     *
-     * @author A. Gianotto <snipe@snipe.net>
-     * @since [v1.0]
      * @return boolean
      */
-    public function hasAccess($section)
+    protected function checkPermissionSection($section)
     {
-        if ($this->isSuperUser()) {
-            return true;
-        }
         $user_groups = $this->groups;
 
 
@@ -159,31 +151,33 @@ public function hasAccess($section)
     }
 
     /**
-     * Checks if the user is a SuperUser
+     * Check user permissions
+     *
+     * Parses the user and group permission masks to see if the user
+     * is authorized to do the thing
      *
      * @author A. Gianotto <snipe@snipe.net>
      * @since [v1.0]
      * @return boolean
      */
-    public function isSuperUser()
+    public function hasAccess($section)
     {
-        if (!$user_permissions = json_decode($this->permissions, true)) {
-            return false;
-        }
-
-        foreach ($this->groups as $user_group) {
-            $group_permissions = json_decode($user_group->permissions, true);
-            $group_array = (array)$group_permissions;
-            if ((array_key_exists('superuser', $group_array)) && ($group_permissions['superuser']=='1')) {
-                return true;
-            }
-        }
-
-        if ((array_key_exists('superuser', $user_permissions)) && ($user_permissions['superuser']=='1')) {
+        if ($this->isSuperUser()) {
             return true;
         }
+        return $this->checkPermissionSection($section);
+    }
 
-        return false;
+    /**
+     * Checks if the user is a SuperUser
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v1.0]
+     * @return boolean
+     */
+    public function isSuperUser()
+    {
+        return $this->checkPermissionSection('superuser');
     }
 
 
