Julius Härtl
@@ -160,19 +160,19 @@ class PermissionService {
|
||||
throw new NoPermissionException('Permission denied');
|
||||
}
|
||||
|
||||
$permissions = $this->getPermissions($boardId, $userId);
|
||||
if ($permissions[$permission] === true) {
|
||||
if (!$allowDeletedCard && $mapper instanceof CardMapper) {
|
||||
$card = $mapper->find($id);
|
||||
if ($card->getDeletedAt() > 0) {
|
||||
throw new NoPermissionException('Card is deleted');
|
||||
try {
|
||||
$permissions = $this->getPermissions($boardId, $userId);
|
||||
if ($permissions[$permission] === true) {
|
||||
if (!$allowDeletedCard && $mapper instanceof CardMapper) {
|
||||
$card = $mapper->find($id);
|
||||
if ($card->getDeletedAt() > 0) {
|
||||
throw new NoPermissionException('Card is deleted');
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
try {
|
||||
$acls = $this->getBoard((int)$boardId)->getAcl() ?? [];
|
||||
$result = $this->userCan($acls, $permission, $userId);
|
||||
if ($result) {
|
||||
|
||||
@@ -240,6 +240,8 @@ class PermissionServiceTest extends \Test\TestCase {
|
||||
->method('sharingDisabledForUser')
|
||||
->willReturn(false);
|
||||
|
||||
$this->aclMapper->method('findAll')->willReturn([]);
|
||||
|
||||
if ($result) {
|
||||
$actual = $this->service->checkPermission($mapper, 1234, $permission);
|
||||
$this->assertTrue($actual);
|
||||
@@ -262,6 +264,8 @@ class PermissionServiceTest extends \Test\TestCase {
|
||||
$this->boardMapper->expects($this->any())->method('find')->willReturn($board);
|
||||
}
|
||||
|
||||
$this->aclMapper->method('findAll')->willReturn([]);
|
||||
|
||||
if ($result) {
|
||||
$actual = $this->service->checkPermission($mapper, 1234, $permission);
|
||||
$this->assertTrue($actual);
|
||||
|
||||
Reference in New Issue
Block a user