User the self userId when calculating the permissions

internet2 · Apr 6, 2024 · 166bca7 · 166bca7
1 parent eaf2117
commit 166bca7
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/Controller/GrouperGroupsController.php b/Controller/GrouperGroupsController.php
@@ -248,10 +248,15 @@ public function findSubscriber(): void
   }
 
   /**
+   * @param   bool  $self   By passes the actAsIdentifier condition
+   *
    * @return null|string
    */
-  public function getUserId(): ?string
+  public function getUserId(bool $self = false): ?string
   {
+    if($self) {
+      return $this->userId;
+    }
     // XXX We are anot acting as but we are impersonating an other user. As a result
     //     both the actor and the user need to have the same identifier
     return $this->actAsIdentifier ?? $this->userId;
@@ -508,7 +513,8 @@ public function isAuthorized(): array|bool
     $isActAsEligibilityGroupmember = false;
 
     if(!empty($eligibleGroup)) {
-      $isActAsEligibilityGroupmember = $this->GrouperGroup->isGroupMember($this->getUserId(), $eligibleGroup, $cfg);
+      $isActAsEligibilityGroupmember = $this->GrouperGroup->isGroupMember($this->getUserId(self: true),
+                                                                          $eligibleGroup, $cfg);
     }
 
     // Determine what operations this user can perform