allow search content permissions to support roles

2024-07-17 19:34:19 -04:00 · 2024-07-17 19:34:19 -04:00 · 45afbbdac6
commit 45afbbdac6
parent 0c80e28754
1 changed files with 16 additions and 5 deletions
--- a/Oqtane.Server/Services/SearchService.cs
+++ b/Oqtane.Server/Services/SearchService.cs
@ -90,12 +90,23 @@ namespace Oqtane.Services
            var visible = true;
            foreach (var permission in searchContent.Permissions.Split(','))
            {
-                var entityName = permission.Split(":")[0];
-                var entityId = int.Parse(permission.Split(":")[1]);
-                if (!_userPermissions.IsAuthorized(_accessor.HttpContext.User, searchQuery.SiteId, entityName, entityId, PermissionNames.View))
+                if (permission.Contains(":")) // permission
                {
-                    visible = false;
-                    break;
+                    var entityName = permission.Split(":")[0];
+                    var entityId = int.Parse(permission.Split(":")[1]);
+                    if (!_userPermissions.IsAuthorized(_accessor.HttpContext.User, searchQuery.SiteId, entityName, entityId, PermissionNames.View))
+                    {
+                        visible = false;
+                        break;
+                    }
+                }
+                else // role name
+                {
+                    if (!_accessor.HttpContext.User.IsInRole(permission))
+                    {
+                        visible = false;
+                        break;
+                    }
                }
            }
            return visible;