wip #5873 @0.25

diff --git a/src/app/Models/User.php b/src/app/Models/User.php
index 516e3d8f232bf95b25aaafaa6c7089374ef67b32..fa41660e400d8a526a64b54683979ad1684fde6f 100644 (file)
--- a/src/app/Models/User.php
+++ b/src/app/Models/User.php
@@ -221,6 +221,20 @@ class User extends CubistMagicAuthenticatable implements HasLocalePreference
         return isset(self::$_companyNames[$id]) ? self::$_companyNames[$id] : $id;
     }
 
+    public function isDisabled()
+    {
+        return parent::isDisabled() || $this->isCompanyAccessDisabled();
+    }
+
+    protected function isCompanyAccessDisabled()
+    {
+        $company = Company::find($this->company);
+        if (null === $company || !$company->toolbox_access) {
+            return true;
+        }
+        return false;
+    }
+
     public function getManagedUsers()
     {
         if (null === $this->_managedUsers) {

diff --git a/src/app/Operations/LoginasOperation.php b/src/app/Operations/LoginasOperation.php
index baaa820eebf43cfdc971e88053b80100f19ea2b8..2953264706627a737699d8453be4740b939ab4b3 100644 (file)
--- a/src/app/Operations/LoginasOperation.php
+++ b/src/app/Operations/LoginasOperation.php
@@ -22,12 +22,11 @@ trait LoginasOperation
     {
         set_time_limit(0);
         /** @var User $user */
-        $user = User::where('id', $id)->where('enabled', '1')->first();
+        $user = User::where('id', $id)->first();
         if (null === $user) {
             abort(404);
         }
-        $company = Company::find($user->company);
-        if (null === $company || !$company->toolbox_access) {
+        if($user->isDisabled()){
             abort(404);
         }
         if (!$this->canLoginas($user)) {