Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixing checking of user permissions when no user-specific permissions set #6229

Merged
merged 1 commit into from
Sep 25, 2018
Merged

Fixing checking of user permissions when no user-specific permissions set #6229

merged 1 commit into from
Sep 25, 2018

Conversation

nixn
Copy link
Contributor

@nixn nixn commented Sep 25, 2018

When a user has no permissions set (=NULL) in the database (like after an
LDAP import) but is a member of a group with permissions, those group
permissions would not have be applied, effectively denying every access
regardless of group permissions.

fixed checking permissions for users with no permissions set
5ea6664 
When a user has no permissions set (=NULL) in the database (like after an
LDAP import) but is a member of a group with permissions, those group
permissions would not have be applied, effectively denying every access
regardless of group permissions.
@nixn nixn requested a review from snipe as a code owner September 25, 2018 09:42
@nixn nixn mentioned this pull request Sep 25, 2018
Closed
@snipe snipe merged commit f85e3ed into snipe:develop Sep 25, 2018
@snipe
Copy link
Owner

snipe commented Sep 25, 2018

Thanks! I believe we fixed this on the creation side (possibly not with LDAP but at least with import) so that at least [] shows in the database, but we hadn't had a chance to fix on the permission parsing side yet.

Sxderp added a commit to Sxderp/snipe-it that referenced this pull request Feb 28, 2019
@Sxderp
Extend snipe#6229 to include superuser permission check
0b47788 
Fixes the null permission check for superuser permission. As
well as reducing duplicated code by moving the checks to a
separate function.

This change has a slight backwards compatibility break.
In the previous version a user could not be explicitly denied
the superuser permission through user-specific config. If
they were in a group with superuser they would always have
superuser. Now the user-specific configuration will take
precedence.
travismiller added a commit to tulsaschoolsdata/snipe-it that referenced this pull request Oct 20, 2020
@travismiller
TPS: Backport fixes to User hasAccess
c7aa2ef 
Fixed in v5.0.0

snipe#6229
snipe pushed a commit that referenced this pull request Apr 6, 2021
@Sxderp
Extend #6229 to include superuser permission check (#6772)
f01c93e
travismiller added a commit to tulsaschoolsdata/snipe-it that referenced this pull request Jun 3, 2021
@travismiller
TPS: Backport fixes to User hasAccess
fd30e96 
Fixed in v5.0.0

snipe#6229
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@snipe snipe Awaiting requested review from snipe snipe is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nixn @snipe