summaryrefslogtreecommitdiff
path: root/app/Http/RequestHandlers/UserPageDefaultEdit.php
diff options
context:
space:
mode:
authorGreg Roach <fisharebest@webtrees.net>2020-01-23 09:39:38 +0000
committerGreg Roach <fisharebest@webtrees.net>2020-01-23 09:39:38 +0000
commitf6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217 (patch)
treed8bb4d57a55c8ba11183639e65232e4952eb98e4 /app/Http/RequestHandlers/UserPageDefaultEdit.php
parent027478c23a63b5681d8d4ac05fec614b75acb7ba (diff)
downloadwebtrees-f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217.tar.gz
webtrees-f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217.tar.bz2
webtrees-f6924bc8aa0cd5eec0d5ec301d59ae0fb3c66217.zip
Enforce access level for blocks
Diffstat (limited to 'app/Http/RequestHandlers/UserPageDefaultEdit.php')
-rw-r--r--app/Http/RequestHandlers/UserPageDefaultEdit.php17
1 files changed, 14 insertions, 3 deletions
diff --git a/app/Http/RequestHandlers/UserPageDefaultEdit.php b/app/Http/RequestHandlers/UserPageDefaultEdit.php
index d5c57a939b..99ed9e3123 100644
--- a/app/Http/RequestHandlers/UserPageDefaultEdit.php
+++ b/app/Http/RequestHandlers/UserPageDefaultEdit.php
@@ -19,14 +19,17 @@ declare(strict_types=1);
namespace Fisharebest\Webtrees\Http\RequestHandlers;
+use Fisharebest\Webtrees\Contracts\UserInterface;
use Fisharebest\Webtrees\Http\ViewResponseTrait;
use Fisharebest\Webtrees\I18N;
use Fisharebest\Webtrees\Module\ModuleBlockInterface;
use Fisharebest\Webtrees\Services\HomePageService;
+use Fisharebest\Webtrees\Tree;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
+use function assert;
use function route;
/**
@@ -54,13 +57,21 @@ class UserPageDefaultEdit implements RequestHandlerInterface
*/
public function handle(ServerRequestInterface $request): ResponseInterface
{
+ $tree = $request->getAttribute('tree');
+ assert($tree instanceof Tree);
+
+ $user = $request->getAttribute('user');
+ assert($user instanceof UserInterface);
+
$this->layout = 'layouts/administration';
$this->home_page_service->checkDefaultUserBlocksExist();
- $main_blocks = $this->home_page_service->userBlocks(-1, ModuleBlockInterface::MAIN_BLOCKS);
- $side_blocks = $this->home_page_service->userBlocks(-1, ModuleBlockInterface::SIDE_BLOCKS);
- $all_blocks = $this->home_page_service->availableUserBlocks();
+ $default_tree = new Tree(-1, 'DEFAULT', 'DEFAULT');
+
+ $main_blocks = $this->home_page_service->userBlocks($default_tree, $user, ModuleBlockInterface::MAIN_BLOCKS);
+ $side_blocks = $this->home_page_service->userBlocks($default_tree, $user, ModuleBlockInterface::SIDE_BLOCKS);
+ $all_blocks = $this->home_page_service->availableUserBlocks($tree, $user);
$title = I18N::translate('Set the default blocks for new users');
$url_cancel = route('admin-users');
$url_save = route(UserPageDefaultUpdate::class);