wip #3753

diff --git a/src/Company.php b/src/Company.php
index e85905f094bb35b4442e7ae593a8792f22172540..9b9849b1a092496d2d3cfcf028e7930354c024eb 100644 (file)
--- a/src/Company.php
+++ b/src/Company.php
@@ -74,4 +74,13 @@ class Company extends CubistMagicAbstractModel
         $this->addField(['name' => 'e1_ws_grade',
             'type' => 'Hidden']);
     }
+
+    public function isOwner($user)
+    {
+        if (null === $user) {
+            return false;
+        }
+        /** @var $user User */
+        return in_array($this->id, $user->getManagedCompanies());
+    }
 }

diff --git a/src/Operations/LoginasOperation.php b/src/Operations/LoginasOperation.php
index e69a48a4a8321a32c40caeac6d3955aab74208e0..0983cef8fc2c176e82dd4cd48a0c5a4d82225f37 100644 (file)
--- a/src/Operations/LoginasOperation.php
+++ b/src/Operations/LoginasOperation.php
@@ -14,17 +14,18 @@ trait LoginasOperation
 
     protected function setupLoginasDefaults()
     {
-        if (can('manageusers')) {
-            $this->crud->addButtonFromView('line', 'loginas', 'user.loginas', 'end');
-        }
+        $this->crud->addButtonFromView('line', 'loginas', 'user.loginas', 'end');
     }
 
     protected function loginas($id)
     {
-        if (can('manageusers')) {
-            $user = User::find($id);
-            backpack_auth()->login($user);
-        }
+        $user = User::find($id);
+        backpack_auth()->login($user);
         return redirect('dashboard');
     }
+
+    public function canLoginas($user)
+    {
+        return $this->isOwner($user);
+    }
 }

diff --git a/src/Permissions.php b/src/Permissions.php
index e50c39f11d5bfe9c62e603264a704821262ed1c3..e8f5afe4f879c48c475acf2f2d8290b7ab227eb9 100644 (file)
--- a/src/Permissions.php
+++ b/src/Permissions.php
@@ -132,4 +132,18 @@ class Permissions
         }
         return [];
     }
+
+
+    /**
+     * @param $user integer
+     * @return array
+     */
+    public static function getManagedCompanies($user)
+    {
+        $data = self::_getData();
+        if (isset($data['managedCompanies'][$user])) {
+            return $data['managedCompanies'][$user];
+        }
+        return [];
+    }
 }

diff --git a/src/User.php b/src/User.php
index 0020e4b1b550ec2c2b316fa56f4c289837daab18..96a28d3f46ba53c692116bb3eb317aea478b5115 100644 (file)
--- a/src/User.php
+++ b/src/User.php
@@ -61,7 +61,7 @@ class User extends CubistMagicAuthenticatable
             'type' => 'Locale',
             'tab' => 'Settings']);
 
-        $extranetv1 = ['settings', 'ws_password', 'ws_settings', 'ws_rights', 'ws_domains','ws_count', 'login', 'mobile', 'fax', 'notes', 'grade', 'resetpassword'];
+        $extranetv1 = ['settings', 'ws_password', 'ws_settings', 'ws_rights', 'ws_domains', 'ws_count', 'login', 'mobile', 'fax', 'notes', 'grade', 'resetpassword'];
 
         foreach ($extranetv1 as $f) {
             $this->addField(['name' => 'e1_' . $f,
@@ -121,5 +121,22 @@ class User extends CubistMagicAuthenticatable
         return $res;
     }
 
+    public function getManagedCompanies()
+    {
+        start_measure('_get_managed_companies', 'Get managed companies');
+        $res = Permissions::getManagedCompanies($this->id);
+        stop_measure('_get_managed_companies');
+        return $res;
+    }
+
+    public function isOwner($user)
+    {
+        if (null === $user) {
+            return false;
+        }
+        /** @var $user self */
+        return in_array($this->id, $user->getManagedUsers());
+    }
+
 
 }