From 07bcc8fda19655c97dfffe74b2f087878eaff97c Mon Sep 17 00:00:00 2001 From: Qiang Xue Date: Fri, 29 May 2015 10:42:32 -0400 Subject: [PATCH] Fixes #8595: Fixed `yii\rbac\DbManager::checkAccessFromCache()` to check against auth items loaded in cache recursively --- framework/CHANGELOG.md | 1 + framework/rbac/DbManager.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/framework/CHANGELOG.md b/framework/CHANGELOG.md index 5b22daa118..edc458adaa 100644 --- a/framework/CHANGELOG.md +++ b/framework/CHANGELOG.md @@ -14,6 +14,7 @@ Yii Framework 2 Change Log - Bug #8544: Fixed `yii\db\ActiveRecord` does not updates attribute specified at `optimisticLock()` after save (klimov-paul) - Bug #8585: Fixed `yii\helpers\Html::activeTextarea()` does not allow value overriding via options (klimov-paul) - Bug #8593: Fixed `yii\db\ActiveQuery` produces incorrect SQL for aggregations, when `sql` field is set (klimov-paul) +- Bug #8595: Fixed `yii\rbac\DbManager::checkAccessFromCache()` to check against auth items loaded in cache recursively (achretien, qiangxue) - Bug #8606: Fixed `yii\web\Response::xSendFile()` does not reset format (vyants) - Bug: Fixed string comparison in `BaseActiveRecord::unlink()` which may result in wrong comparison result for hash valued primary keys starting with `0e` (cebe) - Bug: Pass correct action name to `yii\console\Controller::options()` when default action was requested (cebe) diff --git a/framework/rbac/DbManager.php b/framework/rbac/DbManager.php index 5df9e7cd04..fd30919273 100644 --- a/framework/rbac/DbManager.php +++ b/framework/rbac/DbManager.php @@ -158,7 +158,7 @@ class DbManager extends BaseManager if (!empty($this->parents[$itemName])) { foreach ($this->parents[$itemName] as $parent) { - if ($this->checkAccessRecursive($user, $parent, $params, $assignments)) { + if ($this->checkAccessFromCache($user, $parent, $params, $assignments)) { return true; } }