From 61a55c888889a1ec3376a7a3bba230dc15a378a4 Mon Sep 17 00:00:00 2001
From: Frédéric Guillot <fred@kanboard.net>
Date: Wed, 30 Jan 2019 20:59:25 -0800
Subject: Check if user role has changed while the session is open

---
 app/Model/UserModel.php | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'app/Model')

diff --git a/app/Model/UserModel.php b/app/Model/UserModel.php
index c44fd3e7..d8db3270 100644
--- a/app/Model/UserModel.php
+++ b/app/Model/UserModel.php
@@ -29,6 +29,15 @@ class UserModel extends Base
      */
     const EVERYBODY_ID = -1;
 
+    public function isValidSession($userID, $sessionRole)
+    {
+        return $this->db->table(self::TABLE)
+            ->eq('id', $userID)
+            ->eq('is_active', 1)
+            ->eq('role', $sessionRole)
+            ->exists();
+    }
+
     /**
      * Return true if the user exists
      *
-- 
cgit v1.2.3