Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix, permission api rewrite

Browse Source
This commit is contained in:
Roman
2024-03-27 15:15:46 +01:00
parent ee638914a8
commit aa51380055
11 changed files with 365 additions and 182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Core/API/Swagger.class.php
View File

@@ -41,11 +41,6 @@ class Swagger extends Request {
return false;
}
// special case: hardcoded permission
if ($request instanceof \Core\API\Permission\Save && (!$isLoggedIn || !$currentUser->hasGroup(Group::ADMIN))) {
return false;
}
if (!empty($requiredGroups)) {
$userGroups = array_keys($currentUser?->getGroups() ?? []);
return !empty(array_intersect($requiredGroups, $userGroups));