Fixed some admin related ACL issues

2026-05-07 08:57:06 +02:00 · 2020-02-03 12:53:41 +02:00
parent d589dbcbea
commit defc70e656
2 changed files with 9 additions and 2 deletions
--- a/system/src/Grav/Common/Flex/UserGroups/UserGroupCollection.php
+++ b/system/src/Grav/Common/Flex/UserGroups/UserGroupCollection.php
@@ -35,6 +35,7 @@ class UserGroupCollection extends FlexCollection
    public function authorize(string $action, string $scope = null): ?bool
    {
        $authorized = null;
+        /** @var UserGroupObject $object */
        foreach ($this as $object) {
            $auth = $object->authorize($action, $scope);
            if ($auth === true) {
--- a/system/src/Grav/Common/Twig/TwigExtension.php
+++ b/system/src/Grav/Common/Twig/TwigExtension.php
@@ -1028,8 +1028,14 @@ class TwigExtension extends AbstractExtension implements GlobalsInterface
     */
    public function authorize($action)
    {
-        /** @var UserInterface|null $user */
-        $user = $this->grav['user'] ?? null;
+        // Admin can use Flex users even if the site does not; make sure we use the right version of the user.
+        $admin = $this->grav['admin'] ?? null;
+        if ($admin) {
+            $user = $admin->user;
+        } else {
+            /** @var UserInterface|null $user */
+            $user = $this->grav['user'] ?? null;
+        }

        if (!$user) {
            return false;