From 26f0b32c086452c0e1f4af4969d1ba841419f03c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laurent=20L=C3=A9cluse?= <laurent.lecluse@unicaen.fr>
Date: Wed, 2 Mar 2016 10:30:11 +0000
Subject: [PATCH] =?UTF-8?q?Correction=20de=20bug=20:=20les=20droits=20sont?=
 =?UTF-8?q?=20appliquables=20m=C3=AAme=20si=20on=20n'est=20pas=20connect?=
 =?UTF-8?q?=C3=A9=20(r=C3=B4le=20guest)=20ou=20qu'on=20est=20connect=C3=A9?=
 =?UTF-8?q?=20sans=20avoir=20de=20r=C3=B4le=20pr=C3=A9cis=20(user)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/UnicaenAuth/Service/AuthorizeService.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/UnicaenAuth/Service/AuthorizeService.php b/src/UnicaenAuth/Service/AuthorizeService.php
index 47f837b..44eb495 100644
--- a/src/UnicaenAuth/Service/AuthorizeService.php
+++ b/src/UnicaenAuth/Service/AuthorizeService.php
@@ -47,7 +47,18 @@ class AuthorizeService extends \BjyAuthorize\Service\Authorize
         $this->loaded && $this->loaded->__invoke();
         if ($this->loading) return 'bjyauthorize-identity';
 
-        return $this->getServiceUserContext()->getSelectedIdentityRole();
+        // on retourne par défaut le rôle sélectionné
+        $role = $this->getServiceUserContext()->getSelectedIdentityRole();
+        if ($role) return $role;
+
+        $roles = $this->getIdentityProvider()->getIdentityRoles();
+        // sinon, si on est uniquement authentifié et que user est défini, on retourne le rôle user
+        if (isset($roles['user'])) return $roles['user'];
+        // sinon, si guest est défini alors on retourne guest
+        if (isset($roles['guest'])) return $roles['guest'];
+
+        // sinon rien du tout!!
+        return null;
     }
 
 
-- 
GitLab