From e27f638fe39d340ff74114ad865aaf9eebf4d8f6 Mon Sep 17 00:00:00 2001 From: Flavio Copes Date: Mon, 19 Oct 2015 20:15:11 +0200 Subject: [PATCH] The User authorize method now checks first if the user group the user belongs to has permissions for the resource (single group version) --- system/src/Grav/Common/User/User.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/system/src/Grav/Common/User/User.php b/system/src/Grav/Common/User/User.php index 21cd61c38..260560586 100644 --- a/system/src/Grav/Common/User/User.php +++ b/system/src/Grav/Common/User/User.php @@ -138,6 +138,13 @@ class User extends Data return false; } + //Check group access level + $group = $this->get('group'); + if (self::getGrav()['config']->get("site.groups.{$group}.access.{$action}") === true) { + return true; + } + + //Fallback to user access level return $this->get("access.{$action}") === true; }