diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-01-07 11:41:59 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-01-07 11:41:59 +0000 |
| commit | eef502388621e18f2ae424bfc499747a3a86e3e7 (patch) | |
| tree | 6c05ff651f26dc8b9a8aa76d97860d99453c92bb | |
| parent | 34a933a5806719b09743a6177f418f6384c9ee4c (diff) | |
| download | redmine-eef502388621e18f2ae424bfc499747a3a86e3e7.tar.gz redmine-eef502388621e18f2ae424bfc499747a3a86e3e7.zip | |
Don't destructively insert builtin_role into roles (#23519).
git-svn-id: http://svn.redmine.org/redmine/trunk@16155 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | app/models/user.rb | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 24fd47464..150cc27bb 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -678,9 +678,8 @@ class User < Principal return true if admin? # authorize if user has at least one role that has this permission - rls = self.roles.to_a - rls << builtin_role - rls.any? {|role| + roles = self.roles.to_a | [builtin_role] + roles.any? {|role| role.allowed_to?(action) && (block_given? ? yield(role, self) : true) } |