upstream/icingadb-web
1
0
Fork 0
mirror of https://github.com/Icinga/icingadb-web.git synced 2026-05-28 04:36:06 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

ObjectAuthorization: Check whether the permission isn't within the refusals

Browse source
This commit is contained in:
Yonas Habteab 2021-08-30 11:00:26 +02:00 committed by Johannes Meyer
parent cbb5bc441f
commit 5ff0793036
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
library/Icingadb/Authentication/ObjectAuthorization.php
View file

@ -197,7 +197,7 @@ class ObjectAuthorization
}
foreach ($this->getAuth()->getUser()->getRoles() as $role) {
if (! $role->grants($permission)) {
if (! $role->grants($permission) || $role->denies($permission)) {
continue;
}