From 3980939d54d9f1cec1458547fd97b5b3a0aa26cb Mon Sep 17 00:00:00 2001 From: flashwave Date: Tue, 11 Dec 2018 20:08:59 +0100 Subject: [PATCH] // Permissions stuff --- src/manage.php | 256 ++++--------------------- src/perms.php | 63 ++++-- templates/manage/forum/forumperms.twig | 2 +- templates/manage/macros.twig | 8 +- templates/manage/users/role.twig | 2 +- templates/manage/users/user.twig | 2 +- 6 files changed, 83 insertions(+), 250 deletions(-) diff --git a/src/manage.php b/src/manage.php index 80636ae9..6e57b7ff 100644 --- a/src/manage.php +++ b/src/manage.php @@ -97,15 +97,16 @@ function manage_perms_apply(array $list, array $post): ?array continue; } - $allowKey = perms_get_key($section['section'], 'allow'); - $denyKey = perms_get_key($section['section'], 'deny'); + $allowKey = perms_get_key($section['section'], MSZ_PERMS_ALLOW); + $denyKey = perms_get_key($section['section'], MSZ_PERMS_DENY); + $overrideKey = perms_get_key($section['section'], MSZ_PERMS_OVERRIDE); foreach ($section['perms'] as $perm) { - if (empty($post[$section['section']][$perm['section']])) { + if (empty($post[$section['section']][$perm['section']]['value'])) { continue; } - switch ($post[$section['section']][$perm['section']]) { + switch ($post[$section['section']][$perm['section']]['value']) { case 'yes': $perms[$allowKey] |= $perm['perm']; $perms[$denyKey] &= ~$perm['perm']; @@ -122,6 +123,12 @@ function manage_perms_apply(array $list, array $post): ?array $perms[$denyKey] &= ~$perm['perm']; break; } + + if (!empty($post[$section['section']][$perm['section']]['override'])) { + $perms[$overrideKey] |= $perm['perm']; + } else { + $perms[$overrideKey] &= ~$perm['perm']; + } } } @@ -138,9 +145,27 @@ function manage_perms_apply(array $list, array $post): ?array return $perms; } +function manage_perms_calculate(array $rawPerms, array $perms): array +{ + for ($i = 0; $i < count($perms); $i++) { + $section = $perms[$i]['section']; + $allowKey = perms_get_key($section, MSZ_PERMS_ALLOW); + $denyKey = perms_get_key($section, MSZ_PERMS_DENY); + $overrideKey = perms_get_key($section, MSZ_PERMS_OVERRIDE); + + for ($j = 0; $j < count($perms[$i]['perms']); $j++) { + $permission = $perms[$i]['perms'][$j]['perm']; + $perms[$i]['perms'][$j]['override'] = perms_check($rawPerms[$overrideKey], $permission); + $perms[$i]['perms'][$j]['value'] = manage_perms_value($permission, $rawPerms[$allowKey], $rawPerms[$denyKey]); + } + } + + return $perms; +} + function manage_perms_list(array $rawPerms): array { - return [ + return manage_perms_calculate($rawPerms, [ [ 'section' => 'general', 'title' => 'General', @@ -149,51 +174,26 @@ function manage_perms_list(array $rawPerms): array 'section' => 'can-manage', 'title' => 'Can access the management panel.', 'perm' => MSZ_PERM_GENERAL_CAN_MANAGE, - 'value' => manage_perms_value( - MSZ_PERM_GENERAL_CAN_MANAGE, - $rawPerms['general_perms_allow'], - $rawPerms['general_perms_deny'] - ), ], [ 'section' => 'view-logs', 'title' => 'Can view audit logs.', 'perm' => MSZ_PERM_GENERAL_VIEW_LOGS, - 'value' => manage_perms_value( - MSZ_PERM_GENERAL_VIEW_LOGS, - $rawPerms['general_perms_allow'], - $rawPerms['general_perms_deny'] - ) ], [ 'section' => 'manage-emotes', 'title' => 'Can manage emoticons.', 'perm' => MSZ_PERM_GENERAL_MANAGE_EMOTICONS, - 'value' => manage_perms_value( - MSZ_PERM_GENERAL_MANAGE_EMOTICONS, - $rawPerms['general_perms_allow'], - $rawPerms['general_perms_deny'] - ) ], [ 'section' => 'manage-settings', 'title' => 'Can manage general Misuzu settings.', 'perm' => MSZ_PERM_GENERAL_MANAGE_SETTINGS, - 'value' => manage_perms_value( - MSZ_PERM_GENERAL_MANAGE_SETTINGS, - $rawPerms['general_perms_allow'], - $rawPerms['general_perms_deny'] - ) ], [ 'section' => 'tester', 'title' => 'Can use experimental features.', 'perm' => MSZ_PERM_GENERAL_TESTER, - 'value' => manage_perms_value( - MSZ_PERM_GENERAL_TESTER, - $rawPerms['general_perms_allow'], - $rawPerms['general_perms_deny'] - ) ], ], ], @@ -205,101 +205,51 @@ function manage_perms_list(array $rawPerms): array 'section' => 'edit-profile', 'title' => 'Can edit own profile.', 'perm' => MSZ_PERM_USER_EDIT_PROFILE, - 'value' => manage_perms_value( - MSZ_PERM_USER_EDIT_PROFILE, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'change-avatar', 'title' => 'Can change own avatar.', 'perm' => MSZ_PERM_USER_CHANGE_AVATAR, - 'value' => manage_perms_value( - MSZ_PERM_USER_CHANGE_AVATAR, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'change-background', 'title' => 'Can change own background.', 'perm' => MSZ_PERM_USER_CHANGE_BACKGROUND, - 'value' => manage_perms_value( - MSZ_PERM_USER_CHANGE_BACKGROUND, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'edit-about', 'title' => 'Can change own about section.', 'perm' => MSZ_PERM_USER_EDIT_ABOUT, - 'value' => manage_perms_value( - MSZ_PERM_USER_EDIT_ABOUT, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'manage-users', 'title' => 'Can manage other users.', 'perm' => MSZ_PERM_USER_MANAGE_USERS, - 'value' => manage_perms_value( - MSZ_PERM_USER_MANAGE_USERS, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'manage-roles', 'title' => 'Can manage roles.', 'perm' => MSZ_PERM_USER_MANAGE_ROLES, - 'value' => manage_perms_value( - MSZ_PERM_USER_MANAGE_ROLES, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'manage-perms', 'title' => 'Can manage permissions.', 'perm' => MSZ_PERM_USER_MANAGE_PERMS, - 'value' => manage_perms_value( - MSZ_PERM_USER_MANAGE_PERMS, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'manage-reports', 'title' => 'Can handle reports.', 'perm' => MSZ_PERM_USER_MANAGE_REPORTS, - 'value' => manage_perms_value( - MSZ_PERM_USER_MANAGE_REPORTS, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'manage-restrictions', 'title' => 'Can manage restrictions.', 'perm' => MSZ_PERM_USER_MANAGE_RESTRICTIONS, - 'value' => manage_perms_value( - MSZ_PERM_USER_MANAGE_RESTRICTIONS, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], [ 'section' => 'manage-blacklistings', 'title' => 'Can manage blacklistings.', 'perm' => MSZ_PERM_USER_MANAGE_BLACKLISTS, - 'value' => manage_perms_value( - MSZ_PERM_USER_MANAGE_BLACKLISTS, - $rawPerms['user_perms_allow'], - $rawPerms['user_perms_deny'] - ), ], ], ], @@ -311,21 +261,11 @@ function manage_perms_list(array $rawPerms): array 'section' => 'manage-posts', 'title' => 'Can manage posts.', 'perm' => MSZ_PERM_NEWS_MANAGE_POSTS, - 'value' => manage_perms_value( - MSZ_PERM_NEWS_MANAGE_POSTS, - $rawPerms['news_perms_allow'], - $rawPerms['news_perms_deny'] - ), ], [ 'section' => 'manage-cats', 'title' => 'Can manage catagories.', 'perm' => MSZ_PERM_NEWS_MANAGE_CATEGORIES, - 'value' => manage_perms_value( - MSZ_PERM_NEWS_MANAGE_CATEGORIES, - $rawPerms['news_perms_allow'], - $rawPerms['news_perms_deny'] - ), ], ], ], @@ -337,11 +277,6 @@ function manage_perms_list(array $rawPerms): array 'section' => 'manage-forums', 'title' => 'Can manage forum sections.', 'perm' => MSZ_PERM_FORUM_MANAGE_FORUMS, - 'value' => manage_perms_value( - MSZ_PERM_FORUM_MANAGE_FORUMS, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ) ], ], ], @@ -353,81 +288,41 @@ function manage_perms_list(array $rawPerms): array 'section' => 'create', 'title' => 'Can post comments.', 'perm' => MSZ_PERM_COMMENTS_CREATE, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_CREATE, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'edit-own', 'title' => 'Can edit own comments.', 'perm' => MSZ_PERM_COMMENTS_EDIT_OWN, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_EDIT_OWN, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'edit-any', 'title' => 'Can edit anyone\'s comments.', 'perm' => MSZ_PERM_COMMENTS_EDIT_ANY, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_EDIT_ANY, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'delete-own', 'title' => 'Can delete own comments.', 'perm' => MSZ_PERM_COMMENTS_DELETE_OWN, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_DELETE_OWN, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'delete-any', 'title' => 'Can delete anyone\'s comments.', 'perm' => MSZ_PERM_COMMENTS_DELETE_ANY, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_DELETE_ANY, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'pin', 'title' => 'Can pin comments.', 'perm' => MSZ_PERM_COMMENTS_PIN, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_PIN, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'lock', 'title' => 'Can lock comment threads.', 'perm' => MSZ_PERM_COMMENTS_LOCK, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_LOCK, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], [ 'section' => 'vote', 'title' => 'Can like or dislike comments.', 'perm' => MSZ_PERM_COMMENTS_VOTE, - 'value' => manage_perms_value( - MSZ_PERM_COMMENTS_VOTE, - $rawPerms['comments_perms_allow'], - $rawPerms['comments_perms_deny'] - ), ], ], ], @@ -439,40 +334,25 @@ function manage_perms_list(array $rawPerms): array 'section' => 'manage-changes', 'title' => 'Can manage changes.', 'perm' => MSZ_PERM_CHANGELOG_MANAGE_CHANGES, - 'value' => manage_perms_value( - MSZ_PERM_CHANGELOG_MANAGE_CHANGES, - $rawPerms['changelog_perms_allow'], - $rawPerms['changelog_perms_deny'] - ), ], [ 'section' => 'manage-tags', 'title' => 'Can manage tags.', 'perm' => MSZ_PERM_CHANGELOG_MANAGE_TAGS, - 'value' => manage_perms_value( - MSZ_PERM_CHANGELOG_MANAGE_TAGS, - $rawPerms['changelog_perms_allow'], - $rawPerms['changelog_perms_deny'] - ), ], [ 'section' => 'manage-actions', 'title' => 'Can manage action types.', 'perm' => MSZ_PERM_CHANGELOG_MANAGE_ACTIONS, - 'value' => manage_perms_value( - MSZ_PERM_CHANGELOG_MANAGE_ACTIONS, - $rawPerms['changelog_perms_allow'], - $rawPerms['changelog_perms_deny'] - ), ], ], ], - ]; + ]); } function manage_forum_perms_list(array $rawPerms): array { - return [ + return manage_perms_calculate($rawPerms, [ [ 'section' => 'forum', 'title' => 'Forum', @@ -481,143 +361,73 @@ function manage_forum_perms_list(array $rawPerms): array 'section' => 'can-list', 'title' => 'Can see the forum listed, but not access it.', 'perm' => MSZ_FORUM_PERM_LIST_FORUM, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_LIST_FORUM, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-view', 'title' => 'Can view and access the forum.', 'perm' => MSZ_FORUM_PERM_VIEW_FORUM, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_VIEW_FORUM, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-create-topic', 'title' => 'Can create topics.', 'perm' => MSZ_FORUM_PERM_CREATE_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_CREATE_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-delete-topic', 'title' => 'Can delete topics (required a post delete permission).', 'perm' => MSZ_FORUM_PERM_DELETE_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_DELETE_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-move-topic', 'title' => 'Can move topics between forums.', 'perm' => MSZ_FORUM_PERM_MOVE_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_MOVE_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-lock-topic', 'title' => 'Can lock topics.', 'perm' => MSZ_FORUM_PERM_LOCK_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_LOCK_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-sticky-topic', 'title' => 'Can make topics sticky.', 'perm' => MSZ_FORUM_PERM_STICKY_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_STICKY_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-announce-topic', 'title' => 'Can make topics announcements.', 'perm' => MSZ_FORUM_PERM_ANNOUNCE_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_ANNOUNCE_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-global-announce-topic', 'title' => 'Can make topics global announcements.', 'perm' => MSZ_FORUM_PERM_GLOBAL_ANNOUNCE_TOPIC, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_GLOBAL_ANNOUNCE_TOPIC, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-create-post', 'title' => 'Can make posts (reply only, if create topic is disallowed).', 'perm' => MSZ_FORUM_PERM_CREATE_POST, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_CREATE_POST, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-edit-post', 'title' => 'Can edit their own posts.', 'perm' => MSZ_FORUM_PERM_EDIT_POST, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_EDIT_POST, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-edit-any-post', 'title' => 'Can edit any posts.', 'perm' => MSZ_FORUM_PERM_EDIT_ANY_POST, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_EDIT_ANY_POST, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-delete-post', 'title' => 'Can delete own posts.', 'perm' => MSZ_FORUM_PERM_DELETE_POST, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_DELETE_POST, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], [ 'section' => 'can-delete-any-post', 'title' => 'Can delete any posts.', 'perm' => MSZ_FORUM_PERM_DELETE_ANY_POST, - 'value' => manage_perms_value( - MSZ_FORUM_PERM_DELETE_ANY_POST, - $rawPerms['forum_perms_allow'], - $rawPerms['forum_perms_deny'] - ), ], ], ], - ]; + ]); } diff --git a/src/perms.php b/src/perms.php index 3d2ced09..d4c34adb 100644 --- a/src/perms.php +++ b/src/perms.php @@ -13,9 +13,10 @@ define('MSZ_PERM_MODES', [ define('MSZ_PERMS_ALLOW', 'allow'); define('MSZ_PERMS_DENY', 'deny'); +define('MSZ_PERMS_OVERRIDE', 'override'); define('MSZ_PERM_SETS', [ - MSZ_PERMS_ALLOW, MSZ_PERMS_DENY + MSZ_PERMS_ALLOW, MSZ_PERMS_DENY, MSZ_PERMS_OVERRIDE, ]); function perms_get_keys(): array @@ -53,18 +54,39 @@ function perms_get_user(string $prefix, int $user): int return 0; } + if ($user === 1) { + return 0x7FFFFFFF; + } + + $allowKey = perms_get_key($prefix, MSZ_PERMS_ALLOW); + $denyKey = perms_get_key($prefix, MSZ_PERMS_DENY); + $overrideKey = perms_get_key($prefix, MSZ_PERMS_OVERRIDE); + $getPerms = db_prepare(" - SELECT BIT_OR(`{$prefix}_perms_allow`) &~ BIT_OR(`{$prefix}_perms_deny`) - FROM `msz_permissions` - WHERE (`user_id` = :user_id_1 AND `role_id` IS NULL) - OR ( - `user_id` IS NULL - AND `role_id` IN ( - SELECT `role_id` - FROM `msz_user_roles` - WHERE `user_id` = :user_id_2 + SELECT + (user.`{$allowKey}` &~ user.`{$denyKey}`) | ( + ( + SELECT + (BIT_OR(roles.`{$allowKey}`) &~ BIT_OR(roles.`{$denyKey}`)) | ( + ( + SELECT global.{$allowKey} | global.{$denyKey} + FROM `msz_permissions` as global + WHERE global.`user_id` IS NULL + AND global.`role_id` IS NULL + ) &~ BIT_OR(roles.`{$overrideKey}`) + ) + FROM `msz_permissions` as roles + WHERE roles.`user_id` IS NULL + AND roles.`role_id` IN ( + SELECT `role_id` + FROM `msz_user_roles` + WHERE `user_id` = :user_id_2 + ) + ) &~ user.`{$overrideKey}` ) - ) + FROM `msz_permissions` as user + WHERE user.`user_id` = :user_id_1 + AND user.`role_id` IS NULL "); $getPerms->bindValue('user_id_1', $user); $getPerms->bindValue('user_id_2', $user); @@ -77,8 +99,11 @@ function perms_get_role(string $prefix, int $role): int return 0; } + $allowKey = perms_get_key($prefix, MSZ_PERMS_ALLOW); + $denyKey = perms_get_key($prefix, MSZ_PERMS_DENY); + $getPerms = db_prepare(" - SELECT `{$prefix}_perms_allow` &~ `{$prefix}_perms_deny` + SELECT `{$allowKey}` &~ `{$denyKey}` FROM `msz_permissions` WHERE `role_id` = :role_id AND `user_id` IS NULL @@ -95,13 +120,12 @@ function perms_get_user_raw(int $user): array return $emptyPerms; } - $getPerms = db_prepare(' - SELECT - `' . implode('`, `', perms_get_keys()) . '` + $getPerms = db_prepare(sprintf(' + SELECT `%s` FROM `msz_permissions` WHERE `user_id` = :user_id AND `role_id` IS NULL - '); + ', implode('`, `', perms_get_keys()))); $getPerms->bindValue('user_id', $user); if (!$getPerms->execute()) { @@ -125,13 +149,12 @@ function perms_get_role_raw(int $role): array return $emptyPerms; } - $getPerms = db_prepare(' - SELECT - `' . implode('`, `', perms_get_keys()) . '` + $getPerms = db_prepare(sprintf(' + SELECT `%s` FROM `msz_permissions` WHERE `user_id` IS NULL AND `role_id` = :role_id - '); + ', implode('`, `', perms_get_keys()))); $getPerms->bindValue('role_id', $role); if (!$getPerms->execute()) { diff --git a/templates/manage/forum/forumperms.twig b/templates/manage/forum/forumperms.twig index e963f16f..71e6e901 100644 --- a/templates/manage/forum/forumperms.twig +++ b/templates/manage/forum/forumperms.twig @@ -5,6 +5,6 @@ {% block manage_content %}
{{ container_title((forum is defined ? forum.forum_name ~ ' ' : '') ~ 'Permissions for ' ~ role.role_name) }} - {{ permissions_table(perms) }} + {{ permissions_table(perms, true) }}
{% endblock %} diff --git a/templates/manage/macros.twig b/templates/manage/macros.twig index fa99353e..61056578 100644 --- a/templates/manage/macros.twig +++ b/templates/manage/macros.twig @@ -46,17 +46,17 @@ {{ perm.title }}
- {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ ']', '', perm.value == 'yes', 'permissions__choice permissions__choice--radio permissions__choice--yes', 'yes', true) }} + {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ '][value]', '', perm.value == 'yes', 'permissions__choice permissions__choice--radio permissions__choice--yes', 'yes', true) }}
- {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ ']', '', perm.value == 'no', 'permissions__choice permissions__choice--radio permissions__choice--no', 'no', true) }} + {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ '][value]', '', perm.value == 'no', 'permissions__choice permissions__choice--radio permissions__choice--no', 'no', true) }}
- {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ ']', '', perm.value == 'never', 'permissions__choice permissions__choice--radio permissions__choice--never', 'never', true) }} + {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ '][value]', '', perm.value == 'never', 'permissions__choice permissions__choice--radio permissions__choice--never', 'never', true) }}
{% if display_override %}
- {{ input_checkbox('perms[override][' ~ perms.section ~ '][' ~ perm.section ~ ']', '', false, 'permissions__choice permissions__choice--radio', 'never') }} + {{ input_checkbox('perms[' ~ perms.section ~ '][' ~ perm.section ~ '][override]', '', perm.override, 'permissions__choice permissions__choice--radio', 'never') }}
{% endif %} diff --git a/templates/manage/users/role.twig b/templates/manage/users/role.twig index 20abab77..003e9e1e 100644 --- a/templates/manage/users/role.twig +++ b/templates/manage/users/role.twig @@ -89,7 +89,7 @@ {% if can_manage_perms %}
{{ container_title('Permissions') }} - {{ permissions_table(permissions) }} + {{ permissions_table(permissions, true) }}
{% endif %} diff --git a/templates/manage/users/user.twig b/templates/manage/users/user.twig index f2f9b9a0..97f8300e 100644 --- a/templates/manage/users/user.twig +++ b/templates/manage/users/user.twig @@ -131,7 +131,7 @@ {% if can_manage_perms %}
{{ container_title('Permissions') }} - {{ permissions_table(permissions) }} + {{ permissions_table(permissions, true) }}
{% endif %}