shield
shield copied to clipboard
codeigniter4
Bug: permission filter ignored on modules
PHP Version
8.1.6
CodeIgniter4 Version
4.3.1
Shield Version
latest commit
Which operating systems have you tested for this bug?
Windows (happens on server Linux as well)
Which server did you use?
cli-server (PHP built-in webserver)
Database
MariaDB 10.4.24
Did you customize Shield?
No
What happened?
The filters in my module doesn't seem to be working on permission the filter group is working as expected.
Steps to Reproduce
Working from App directory like below:
- App\Addons\Woocommerce\Config\Routes.php
- The filter
permissionis set like normally the case would be['filter' => 'permission:beta.access'] - Just noticed this on the current commit, don't know since when this is broken.
From this point nothing is done, checking the filter in routes from spark command results
Expected Output
The filter to be working on the routes when set from own directory.
Anything else?
No response
I think i've found the issue/solution for this:
- Inside
CodeIgniter4\shield\src\Filters\PermissionFilter.php - On checking with
if (auth()->user()->can($permission)) { }this fails. - On checking with
if (auth()->user()->hasPermission($permission)) { }this works.
The only problem with this, according to the docs, it disregards any groups if they are a part of it.
It seems if hasPermission($permission) returns true, can($permission) also returns true.
And if hasPermission($permission) works, the filter defined in the module is working.
Hi All,
Erik is deceised on august 6 and we as family are not able to answer this question!
Keep up the good work on this project, Erik loved Codeigniter!
Kind regards, Family of Erik Kraijenoord
------- Original Message ------- Op dinsdag 19 september 2023 om 13:14 schreef kenjis @.***>:
@.***(https://github.com/bedrijfsportaal) Do you still have this issue?
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.Message ID: @.***>
