Fix on summit admin groups
dont check on external Change-Id: Ie93a1b108627331e6a56ec621e99efe14b646bb0 Signed-off-by: smarcet <smarcet@gmail.com>
This commit is contained in:
smarcet
parent
08cb3cbe52
commit
af5dc5689e
|
|
@ -198,7 +198,9 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
|
||||||
|
|
||||||
$current_member = $this->resource_server_context->getCurrentUser();
|
$current_member = $this->resource_server_context->getCurrentUser();
|
||||||
|
|
||||||
if (!is_null($current_member) && !$current_member->isAdmin() && !$current_member->hasAllowedSummits()) {
|
if (!is_null($current_member) &&
|
||||||
|
!$current_member->isAdmin() &&
|
||||||
|
!$current_member->hasAllowedSummits()) {
|
||||||
return $this->error403(['message' => sprintf("Member %s has not permission for any Summit", $current_member->getId())]);
|
return $this->error403(['message' => sprintf("Member %s has not permission for any Summit", $current_member->getId())]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -736,7 +736,7 @@ class Member extends SilverstripeBaseModel
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$skip_external) {
|
if (!$skip_external) {
|
||||||
Log::debug(sprintf("Member::isAdmin check on external "));
|
Log::debug(sprintf("Member::isAdmin check on external"));
|
||||||
if ($this->isOnExternalGroup(IGroup::SuperAdmins))
|
if ($this->isOnExternalGroup(IGroup::SuperAdmins))
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
|
|
@ -763,9 +763,11 @@ class Member extends SilverstripeBaseModel
|
||||||
*/
|
*/
|
||||||
public function isOnExternalGroup(string $code): bool
|
public function isOnExternalGroup(string $code): bool
|
||||||
{
|
{
|
||||||
|
Log::debug(sprintf("Member::isOnExternalGroup id %s code %s", $this->id, $code));
|
||||||
$resource_server_ctx = App::make(IResourceServerContext::class);
|
$resource_server_ctx = App::make(IResourceServerContext::class);
|
||||||
if ($resource_server_ctx instanceof IResourceServerContext) {
|
if ($resource_server_ctx instanceof IResourceServerContext) {
|
||||||
foreach ($resource_server_ctx->getCurrentUserGroups() as $group) {
|
foreach ($resource_server_ctx->getCurrentUserGroups() as $group) {
|
||||||
|
Log::debug(sprintf("Member::isOnExternalGroup id %s code %s external group %s", $this->id, $code, $group['slug']));
|
||||||
if
|
if
|
||||||
(
|
(
|
||||||
isset($group['slug']) &&
|
isset($group['slug']) &&
|
||||||
|
|
|
||||||
|
|
@ -72,6 +72,7 @@ class SummitAdministratorPermissionGroup extends SilverstripeBaseModel
|
||||||
throw new ValidationException(sprintf("Member %s should belong to following groups (%s)", $member->getId(),
|
throw new ValidationException(sprintf("Member %s should belong to following groups (%s)", $member->getId(),
|
||||||
implode(",", self::ValidGroups)));
|
implode(",", self::ValidGroups)));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->members->contains($member)) return;
|
if ($this->members->contains($member)) return;
|
||||||
$this->members->add($member);
|
$this->members->add($member);
|
||||||
$member->add2SummitAdministratorPermissionGroup($this);
|
$member->add2SummitAdministratorPermissionGroup($this);
|
||||||
|
|
@ -79,9 +80,10 @@ class SummitAdministratorPermissionGroup extends SilverstripeBaseModel
|
||||||
|
|
||||||
public function canAddMember(Member $member):bool{
|
public function canAddMember(Member $member):bool{
|
||||||
return
|
return
|
||||||
$member->isOnGroup(IGroup::SummitAdministrators) ||
|
$member->isOnGroup(IGroup::SummitAdministrators, true) ||
|
||||||
$member->isOnGroup(IGroup::TrackChairs) ||
|
$member->isOnGroup(IGroup::TrackChairs, true) ||
|
||||||
$member->isOnGroup(IGroup::TrackChairsAdmins);
|
$member->isOnGroup(IGroup::TrackChairsAdmins, true) ||
|
||||||
|
$member->isOnGroup(IGroup::BadgePrinters, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue