mirror of
https://github.com/snipe/snipe-it.git
synced 2024-12-25 05:34:06 -08:00
Unset superadmin by non-superadmins on user create
This commit is contained in:
parent
429afc6b3f
commit
3dac20c20f
|
@ -125,7 +125,16 @@ class UsersController extends Controller
|
|||
$user->company_id = e(Company::getIdForUser($request->input('company_id')));
|
||||
$user->manager_id = e($request->input('manager_id'));
|
||||
$user->notes = e($request->input('notes'));
|
||||
$user->permissions = json_encode($request->input('permission'));
|
||||
|
||||
// Strip out the superuser permission if the user isn't a superadmin
|
||||
$permissions_array = $request->input('permission');
|
||||
|
||||
if (!Auth::user()->isSuperUser()) {
|
||||
unset($permissions_array['superuser']);
|
||||
}
|
||||
|
||||
$user->permissions = json_encode($permissions_array);
|
||||
|
||||
|
||||
|
||||
if ($user->manager_id == "") {
|
||||
|
@ -357,7 +366,7 @@ class UsersController extends Controller
|
|||
}
|
||||
|
||||
$user->permissions = json_encode($permissions_array);
|
||||
|
||||
|
||||
if ($user->manager_id == "") {
|
||||
$user->manager_id = null;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue