From 8e006ac32d86db7c168cee9a413645a78daa07e6 Mon Sep 17 00:00:00 2001 From: Boy132 Date: Wed, 22 Oct 2025 16:00:51 +0200 Subject: [PATCH] Fix user permissions service (#1819) --- .../Servers/GetUserPermissionsService.php | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/app/Services/Servers/GetUserPermissionsService.php b/app/Services/Servers/GetUserPermissionsService.php index 0b75a9c87..338bee7ab 100644 --- a/app/Services/Servers/GetUserPermissionsService.php +++ b/app/Services/Servers/GetUserPermissionsService.php @@ -2,6 +2,7 @@ namespace App\Services\Servers; +use App\Models\Permission; use App\Models\Server; use App\Models\Subuser; use App\Models\User; @@ -17,23 +18,26 @@ class GetUserPermissionsService */ public function handle(Server $server, User $user): array { - if ($user->id === $server->owner_id) { + $isOwner = $user->id === $server->owner_id; + $isAdmin = $user->isAdmin() && ($user->can('view', $server) || $user->can('update', $server)); + + if ($isOwner && !$isAdmin) { return ['*']; } - if ($user->isAdmin() && ($user->can('view', $server) || $user->can('update', $server))) { - $permissions = $user->can('update', $server) ? ['*'] : ['websocket.connect', 'backup.read']; + $adminPermissions = [ + 'admin.websocket.errors', + 'admin.websocket.install', + 'admin.websocket.transfer', + ]; - $permissions[] = 'admin.websocket.errors'; - $permissions[] = 'admin.websocket.install'; - $permissions[] = 'admin.websocket.transfer'; - - return $permissions; + if ($isAdmin) { + return $isOwner || $user->can('update', $server) ? array_merge(['*'], $adminPermissions) : array_merge([Permission::ACTION_WEBSOCKET_CONNECT], $adminPermissions); } - /** @var Subuser|null $subuserPermissions */ - $subuserPermissions = $server->subusers()->where('user_id', $user->id)->first(); + /** @var Subuser|null $subuser */ + $subuser = $server->subusers()->where('user_id', $user->id)->first(); - return $subuserPermissions ? $subuserPermissions->permissions : []; + return $subuser->permissions ?? []; } }