diff options
Diffstat (limited to 'app/Core/Ldap/User.php')
| -rw-r--r-- | app/Core/Ldap/User.php | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/app/Core/Ldap/User.php b/app/Core/Ldap/User.php index 4bc1f5f9..63bd1ccb 100644 --- a/app/Core/Ldap/User.php +++ b/app/Core/Ldap/User.php @@ -120,17 +120,25 @@ class User return null; } + // Init with smallest role + $role = Role::APP_USER ; + foreach ($groupIds as $groupId) { $groupId = strtolower($groupId); if ($groupId === strtolower($this->getGroupAdminDn())) { - return Role::APP_ADMIN; - } elseif ($groupId === strtolower($this->getGroupManagerDn())) { - return Role::APP_MANAGER; + // Highest role found : we can and we must exit the loop + $role = Role::APP_ADMIN; + break; + } + + if ($groupId === strtolower($this->getGroupManagerDn())) { + // Intermediate role found : we must continue to loop, maybe admin role after ? + $role = Role::APP_MANAGER; } } - return Role::APP_USER; + return $role; } /** |