The User authorize method now checks first if the user group the user belongs to has permissions for the resource (single group version)

This commit is contained in:
Flavio Copes
2015-10-19 20:15:11 +02:00
parent 3848a266d0
commit e27f638fe3

View File

@@ -138,6 +138,13 @@ class User extends Data
return false;
}
//Check group access level
$group = $this->get('group');
if (self::getGrav()['config']->get("site.groups.{$group}.access.{$action}") === true) {
return true;
}
//Fallback to user access level
return $this->get("access.{$action}") === true;
}