Merge pull request #35 from topcoder-platform/issues-244

jmgasper · web-flow · commit 535f1f638d7e · 2020-12-02T08:19:45.000+11:00
Issues-217:check category permissions for group members
diff --git a/models/class.groupmodel.php b/models/class.groupmodel.php
@@ -796,21 +796,29 @@ public function countMyGroups($where =[]) {
         return $data === false ? 0 : $data->Count;
     }
 
-    public function checkPermission($userID,$groupID,$permissions = null, $fullMatch = false){
-        if(is_array($permissions)) {
-            return $this->isMemberOfGroup($userID,$groupID) && GDN::session()->checkPermission(
-                $permissions,$fullMatch);
-        } else if(is_string($permissions)) {
-            return $this->isMemberOfGroup($userID,$groupID) && GDN::session()->checkPermission(
-                    [$permissions],$fullMatch);
-        }
-
-        return $this->isMemberOfGroup($userID,$groupID) || GDN::session()->checkPermission([
-                GroupsPlugin::GROUPS_GROUP_ADD_PERMISSION,
-                GroupsPlugin::GROUPS_CATEGORY_MANAGE_PERMISSION,
-                GroupsPlugin::GROUPS_MODERATION_MANAGE_PERMISSION,
-                GroupsPlugin::GROUPS_EMAIL_INVITATIONS_PERMISSION
-            ],$fullMatch);
+    public function checkPermission($userID,$groupID,$categoryID = null, $permissionCategoryID = null, $permissions = null, $fullMatch = true){
+        // Check access to a category
+        $result = false;
+        if($this->isMemberOfGroup($userID,$groupID)) {
+            if ($permissions == null) {
+                $result = true;
+            } else {
+                $result = Gdn::session()->checkPermission($permissions, $fullMatch, 'Category', $permissionCategoryID)
+                    || Gdn::session()->checkPermission($permissions, $fullMatch, 'Category', $categoryID);
+            }
+        } else {
+            // User is not a group member, checking admin group permissions
+            if ( GDN::session()->checkPermission([
+                    GroupsPlugin::GROUPS_GROUP_ADD_PERMISSION,
+                    GroupsPlugin::GROUPS_CATEGORY_MANAGE_PERMISSION,
+                    GroupsPlugin::GROUPS_MODERATION_MANAGE_PERMISSION,
+                    GroupsPlugin::GROUPS_EMAIL_INVITATIONS_PERMISSION
+                ], false)) {
+                $result =  Gdn::session()->checkPermission($permissions, $fullMatch, 'Category', $permissionCategoryID)
+                    || Gdn::session()->checkPermission($permissions, $fullMatch, 'Category', $categoryID);;
+            }
+        }
+        return $result;
     }
 
     /**
