permission updates

2023-01-10 08:20:32 -05:00 · 2023-01-10 08:20:32 -05:00 · c2375c897d
commit c2375c897d
parent ea463a6548
2 changed files with 3 additions and 1 deletions
--- a/Oqtane.Server/Controllers/SettingController.cs
+++ b/Oqtane.Server/Controllers/SettingController.cs
@ -229,7 +229,8 @@ namespace Oqtane.Controllers
                    authorized = true;
                    if (permissionName == PermissionNames.Edit)
                    {
-                        authorized = User.IsInRole(RoleNames.Admin) || _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, entityId, permissionName);
+                        authorized = _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, entityId, permissionName) ||
+                            _userPermissions.IsAuthorized(User, _alias.SiteId, entityName, -1, PermissionNames.Write, RoleNames.Admin);
                    }
                    break;
            }
--- a/Oqtane.Server/Repository/PermissionRepository.cs
+++ b/Oqtane.Server/Repository/PermissionRepository.cs
@ -97,6 +97,7 @@ namespace Oqtane.Repository
                    if (current.IsAuthorized != permission.IsAuthorized)
                    {
                        current.IsAuthorized = permission.IsAuthorized;
+                        current.Role = null; // remove linked reference to Role which can cause errors in EF Core change tracking
                        _db.Entry(current).State = EntityState.Modified;
                        modified = true;
                    }