Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2026-05-06 11:16:12 +02:00
Code Issues Packages Projects Releases Activity

Prevent expert editing mode from anyone else than super users [#2094]

Browse Source
This commit is contained in:
Matias Griese
2021-03-31 12:16:40 +03:00
parent 49348067a5
commit c97177e0ee
4 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
admin.php
View File

@@ -512,10 +512,10 @@ class AdminPlugin extends Plugin
$this->session = $this->grav['session'];
// set session variable if it's passed via the url
if ($this->uri->param('mode') === 'expert') {
$this->session->expert = true;
} elseif ($this->uri->param('mode') === 'normal') {
if (!$this->session->user->authorize('admin.super') || $this->uri->param('mode') === 'normal') {
$this->session->expert = false;
} elseif ($this->uri->param('mode') === 'expert') {
$this->session->expert = true;
} else {
// set the default if not set before
$this->session->expert = $this->session->expert ?? false;