From 45afbbdac62d2c420eb439b5862967f176d0ad27 Mon Sep 17 00:00:00 2001
From: sbwalker <shaun.walker@siliqon.com>
Date: Wed, 17 Jul 2024 19:34:19 -0400
Subject: [PATCH] allow search content permissions to support roles

---
 Oqtane.Server/Services/SearchService.cs | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/Oqtane.Server/Services/SearchService.cs b/Oqtane.Server/Services/SearchService.cs
index 06f8c46b..29323071 100644
--- a/Oqtane.Server/Services/SearchService.cs
+++ b/Oqtane.Server/Services/SearchService.cs
@@ -90,12 +90,23 @@ namespace Oqtane.Services
             var visible = true;
             foreach (var permission in searchContent.Permissions.Split(','))
             {
-                var entityName = permission.Split(":")[0];
-                var entityId = int.Parse(permission.Split(":")[1]);
-                if (!_userPermissions.IsAuthorized(_accessor.HttpContext.User, searchQuery.SiteId, entityName, entityId, PermissionNames.View))
+                if (permission.Contains(":")) // permission
                 {
-                    visible = false;
-                    break;
+                    var entityName = permission.Split(":")[0];
+                    var entityId = int.Parse(permission.Split(":")[1]);
+                    if (!_userPermissions.IsAuthorized(_accessor.HttpContext.User, searchQuery.SiteId, entityName, entityId, PermissionNames.View))
+                    {
+                        visible = false;
+                        break;
+                    }
+                }
+                else // role name
+                {
+                    if (!_accessor.HttpContext.User.IsInRole(permission))
+                    {
+                        visible = false;
+                        break;
+                    }
                 }
             }
             return visible;