diff options
| author | Jan-Hendrik Willms <tleilax+studip@gmail.com> | 2023-02-14 13:30:15 +0000 |
|---|---|---|
| committer | Jan-Hendrik Willms <tleilax+studip@gmail.com> | 2023-02-14 13:30:15 +0000 |
| commit | aee06a2a8be305d409bf442bf6f43b8b126b2744 (patch) | |
| tree | ad33c68023ab28fef9f373e491aed6013512061a /lib/resources | |
| parent | e343ab9eed1bc44a33f45967d994aaab6b926438 (diff) | |
fix permission handling, fixes #2160
Closes #2160
Merge request studip/studip!1395
Diffstat (limited to 'lib/resources')
| -rw-r--r-- | lib/resources/ResourceManager.class.php | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/lib/resources/ResourceManager.class.php b/lib/resources/ResourceManager.class.php index 2c4e6ce..a30c470 100644 --- a/lib/resources/ResourceManager.class.php +++ b/lib/resources/ResourceManager.class.php @@ -845,12 +845,16 @@ class ResourceManager * This method does the mapping from the old resource management permissions * to the new resource management permissions. */ - public static function getGlobalResourcePermission(User $user) + public static function getGlobalResourcePermission(User $user = null) { + if (!$user) { + return ''; + } + global $perm; //First we check if the user is a root user: - if ($perm->get_perm($user->id) == 'root') { + if ($perm->get_perm($user->id) === 'root') { return 'admin'; } @@ -886,11 +890,15 @@ class ResourceManager * If this is not set the current timestamp will be used. */ public static function userHasResourcePermissions( - User $user, + User $user = null, $level = 'admin', $time = null ) { + if (!$user) { + return false; + } + //Get all permissions and temporary permissions of the user: $permissions = ResourcePermission::findBySQL( @@ -1062,16 +1070,14 @@ class ResourceManager * Checks if the specified user has the specified permission level * for the resource management system. * - * @param User $user The user whose global resource permissions - * shall be checked. - * @param string $requested_permission The required permission level - * for the user. + * @param User|null $user The user whose global resource permissions shall be checked. + * @param string $requested_permission The required permission level for the user. * * @returns bool True, if the user has the required permission level, * false otherwise. */ public static function userHasGlobalPermission( - User $user, + User $user = null, $requested_permission = 'user' ) { |