Commit ed494154 authored by Alexandre Morin's avatar Alexandre Morin

Merge branch 'hotfix/2.3.5' into 'master'

hotfix/2.3.5 to master

See merge request !161
parents dc289d45 356d77eb
......@@ -263,7 +263,11 @@ class organization
*/
public function create($organization)
{
if (!$organization->parentOrgId && \laabs::getToken('AUTH')->accountId != \laabs::configuration("auth")["adminUsers"][0]) {
$authController = \laabs::newController("auth/userAccount");
$user = $authController->get(\laabs::getToken('AUTH')->accountId);
if (!$organization->parentOrgId && !in_array($user->accountName, \laabs::configuration("auth")["adminUsers"])) {
if (\laabs::getToken("ORGANIZATION")) {
if (!in_array('owner', \laabs::getToken("ORGANIZATION")->orgRoleCodes)) {
throw new \core\Exception("You're not allowed to create an organization");
......
......@@ -81,9 +81,12 @@ class orgTree
return strcmp($a->reference, $b->reference);
});
$authController = \laabs::newController("auth/userAccount");
$user = $authController->get(\laabs::getToken('AUTH')->accountId);
if (\laabs::getToken("ORGANIZATION") && \laabs::getToken("ORGANIZATION")->orgRoleCodes) {
$addOrganizationRight = in_array('owner', \laabs::getToken("ORGANIZATION")->orgRoleCodes);
} elseif (\laabs::getToken('AUTH')->accountId == \laabs::configuration("auth")["adminUsers"][0]) {
} elseif (in_array($user->accountName, \laabs::configuration("auth")["adminUsers"])) {
$addOrganizationRight = true;
} else {
$addOrganizationRight = false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment