mirror of
https://github.com/getgrav/grav.git
synced 2026-07-15 21:33:46 +02:00
The User authorize method now checks first if the user group the user belongs to has permissions for the resource (single group version)
This commit is contained in:
@@ -138,6 +138,13 @@ class User extends Data
|
||||
return false;
|
||||
}
|
||||
|
||||
//Check group access level
|
||||
$group = $this->get('group');
|
||||
if (self::getGrav()['config']->get("site.groups.{$group}.access.{$action}") === true) {
|
||||
return true;
|
||||
}
|
||||
|
||||
//Fallback to user access level
|
||||
return $this->get("access.{$action}") === true;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user