The previous implementation has issues with role orders.
Consider the following example:
The config has the following permissions set:
['strapi-super-admin', 'strapi-editor']
And the user has the permissions:
['strapi-editor', 'strapi-author']
In the previous implementation, on the first iteration of adminRoles, it will set hasPermission to true and set it back to false on the second iteration. This PR fixes that so that it immediately returns on the first time it detects hasPermission is set to true which entirely skips all the remaining iterations. If hasPermission never becomes true, it just throws an error
The previous implementation has issues with role orders. Consider the following example: The config has the following permissions set:
And the user has the permissions:
In the previous implementation, on the first iteration of
adminRoles
, it will sethasPermission
totrue
and set it back tofalse
on the second iteration. This PR fixes that so that it immediately returns on the first time it detectshasPermission
is set to true which entirely skips all the remaining iterations. If hasPermission never becomes true, it just throws an error