Fix #857 login to admin with permission inherited from group

2026-05-06 07:36:15 +02:00 · 2016-11-08 16:42:57 +01:00
parent 40e668919d
commit 63c83d785c
3 changed files with 49 additions and 30 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,7 @@
    * Dashboard Charts now always refresh no matter what [#753](https://github.com/getgrav/grav-plugin-admin/issues/753)
    * Use rawRoute for parent too when saving [#843](https://github.com/getgrav/grav-plugin-admin/issues/843)
    * Avoid different output when users exist or not in password recovery [#849](https://github.com/getgrav/grav/issues/849)
+    * Fix login to admin with permission inherited from group [#857](https://github.com/getgrav/grav-plugin-admin/issues/857)

 # v1.2.4
 ## 10/22/2016
--- a/classes/admin.php
+++ b/classes/admin.php
@@ -318,22 +318,29 @@ class Admin
                // Authenticate user.
                $result = $user->authenticate($data['password']);

-                if ($result) {
-                    $this->user = $this->session->user = $user;
-
-                    /** @var Grav $grav */
-                    $grav = $this->grav;
-
-                    unset($this->grav['user']);
-                    $this->grav['user'] = $user;
-
-                    $this->setMessage($this->translate('PLUGIN_ADMIN.LOGIN_LOGGED_IN'), 'info');
-                    $grav->redirect($post['redirect']);
+                if (!$result) {
+                    return false;
                }
            }
        }

-        return $this->authorize();
+        $action = [];
+
+        if ($user->authorize('admin.login')) {
+            $this->user = $this->session->user = $user;
+
+            /** @var Grav $grav */
+            $grav = $this->grav;
+
+            unset($this->grav['user']);
+            $this->grav['user'] = $user;
+
+            $this->setMessage($this->translate('PLUGIN_ADMIN.LOGIN_LOGGED_IN'), 'info');
+            $grav->redirect($post['redirect']);
+            return true; //never reached
+        }
+
+        return false;
    }

    /**
--- a/themes/grav/templates/login.html.twig
+++ b/themes/grav/templates/login.html.twig
@@ -1,27 +1,38 @@
 {% embed 'partials/login.html.twig' with {title:'Grav Admin Login'} %}

    {% block form %}
-        {% for field in page.header.form.fields %}
-            {% if field.type %}
-                <div>
-                    {% include ["forms/fields/#{field.type}/#{field.type}.html.twig", 'forms/fields/text/text.html.twig'] %}
-                </div>
-            {% endif %}
-        {% endfor %}

-        <div class="form-actions primary-accent">
-            {% if notAuthorized %}
-                <a class="button secondary" onclick="window.history.back()"><i class="fa fa-reply"></i> {{ 'PLUGIN_ADMIN.BACK'|tu }}</a>
+        {% if grav.user.username and grav.user.authenticated %}
+
+            <div class="form-actions primary-accent">
                <button type="submit" class="button primary" name="task" value="logout"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGOUT'|tu }}</button>
-            {% else %}
-                {% if not authenticated %}
-                    <a class="button secondary" href="{{ base_url_relative }}/forgot"><i class="fa fa-exclamation-circle"></i> {{ 'PLUGIN_ADMIN.LOGIN_BTN_FORGOT'|tu }}</a>
-                    <button type="submit" class="button primary" name="task" value="login"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGIN_BTN'|tu }}</button>
-                {% else %}
-                    <button type="submit" class="button primary" name="task" value="logout"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGOUT'|tu }}</button>
+            </div>
+
+        {% else %}
+
+            {% for field in page.header.form.fields %}
+                {% if field.type %}
+                    <div>
+                        {% include ["forms/fields/#{field.type}/#{field.type}.html.twig", 'forms/fields/text/text.html.twig'] %}
+                    </div>
                {% endif %}
-            {% endif %}
-        </div>
+            {% endfor %}
+
+            <div class="form-actions primary-accent">
+                {% if notAuthorized %}
+                    <a class="button secondary" onclick="window.history.back()"><i class="fa fa-reply"></i> {{ 'PLUGIN_ADMIN.BACK'|tu }}</a>
+                    <button type="submit" class="button primary" name="task" value="logout"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGOUT'|tu }}</button>
+                {% else %}
+                    {% if not authenticated %}
+                        <a class="button secondary" href="{{ base_url_relative }}/forgot"><i class="fa fa-exclamation-circle"></i> {{ 'PLUGIN_ADMIN.LOGIN_BTN_FORGOT'|tu }}</a>
+                        <button type="submit" class="button primary" name="task" value="login"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGIN_BTN'|tu }}</button>
+                    {% else %}
+                        <button type="submit" class="button primary" name="task" value="logout"><i class="fa fa-sign-in"></i> {{ 'PLUGIN_ADMIN.LOGOUT'|tu }}</button>
+                    {% endif %}
+                {% endif %}
+            </div>
+
+        {% endif %}

    {% endblock %}