https://github.com/umbraco/Umbraco-CMS/issues/5665: Resolved issue where adding non-admin user group editor to group already exists
This commit is contained in:
committed by
Bjarke Berg
parent
c597da8f97
commit
15b1d35c17
@@ -51,13 +51,8 @@ namespace Umbraco.Web.Editors
|
||||
if (isAuthorized == false)
|
||||
throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.Unauthorized, isAuthorized.Result));
|
||||
|
||||
//current user needs to be added to a new group if not an admin (possibly only if no other users are added?) to avoid a 401
|
||||
if(!Security.CurrentUser.IsAdmin() && (userGroupSave.Id == null || Convert.ToInt32(userGroupSave.Id) >= 0)/* && !userGroupSave.Users.Any() */)
|
||||
{
|
||||
var userIds = userGroupSave.Users.ToList();
|
||||
userIds.Add(Security.CurrentUser.Id);
|
||||
userGroupSave.Users = userIds;
|
||||
}
|
||||
//need to ensure current user is in a group if not an admin to avoid a 401
|
||||
EnsureNonAdminUserIsInSavedUserGroup(userGroupSave);
|
||||
|
||||
//save the group
|
||||
Services.UserService.Save(userGroupSave.PersistedUserGroup, userGroupSave.Users.ToArray());
|
||||
@@ -88,6 +83,23 @@ namespace Umbraco.Web.Editors
|
||||
return display;
|
||||
}
|
||||
|
||||
private void EnsureNonAdminUserIsInSavedUserGroup(UserGroupSave userGroupSave)
|
||||
{
|
||||
if (Security.CurrentUser.IsAdmin())
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
var userIds = userGroupSave.Users.ToList();
|
||||
if (userIds.Contains(Security.CurrentUser.Id))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
userIds.Add(Security.CurrentUser.Id);
|
||||
userGroupSave.Users = userIds;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Returns the scaffold for creating a new user group
|
||||
/// </summary>
|
||||
|
||||
Reference in New Issue
Block a user