Fixes #35994 - check if user has administrator permissions by its use…

…rgroup
theforeman · Feb 5, 2023 · e9ac79c · e9ac79c
1 parent 78b7799
commit e9ac79c
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 1 deletion.
diff --git a/webpack/graphql/queries/currentUserAttributes.gql b/webpack/graphql/queries/currentUserAttributes.gql
@@ -8,4 +8,9 @@ fragment CurrentUserAttributes on User {
       name
     }
   }
+  usergroups {
+    nodes {
+      admin
+    }
+  }
 }
diff --git a/webpack/permissionsHelper.js b/webpack/permissionsHelper.js
@@ -11,7 +11,10 @@ export const permissionCheck = (user, permissionsRequired) => {
     );
   }
 
-  if (user.admin) {
+  if (
+    user.admin ||
+    user.usergroups.nodes.find(usergroup => usergroup.admin === true)
+  ) {
     return { allowed: true };
   }
 

diff --git a/webpack/testHelper.js b/webpack/testHelper.js
@@ -71,6 +71,9 @@ export const userFactory = (login, permissions = []) => ({
   permissions: {
     nodes: permissions,
   },
+  usergroups: {
+    nodes: [],
+  },
 });
 
 export const admin = {
@@ -81,6 +84,9 @@ export const admin = {
   permissions: {
     nodes: [],
   },
+  usergroups: {
+    nodes: [],
+  },
 };
 
 export const intruder = userFactory('intruder', [
-Original file line number
+Diff line change
@@ Expand Up / @@ -8,4 +8,9 @@ fragment CurrentUserAttributes on User { @@
           name
         }
       }
+      usergroups {
+        nodes {
+          admin
+        }
+      }
     }