From b0af05880bbee21464252ff50df1eb92eb53aaa8 Mon Sep 17 00:00:00 2001
From: ilhooq
Date: Thu, 3 Oct 2024 19:56:16 +0200
Subject: [PATCH] Correction bug Autorisation dans AdminController

---
 modules/user/controllers/AdminController.php | 22 ++++++++------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/modules/user/controllers/AdminController.php b/modules/user/controllers/AdminController.php
index c9155a3..da7cad3 100644
--- a/modules/user/controllers/AdminController.php
+++ b/modules/user/controllers/AdminController.php
@@ -11,9 +11,11 @@ namespace app\modules\user\controllers;
 use Piko\HttpException;
 use function Piko\I18n\__;
 use Piko\User as PikoUser;
+use app\modules\user\Module;
 use app\modules\user\models\Role;
 use app\modules\user\models\User;
 use app\modules\user\models\Permission;
+use Piko\Controller\Event\BeforeActionEvent;
 
 /**
 * User admin controller
@@ -36,21 +38,15 @@ class AdminController extends \Piko\Controller
 $db = $app->getComponent('PDO');
 assert($db instanceof \PDO);
 $this->db = $db;
- }
 
- /**
- * {@inheritDoc}
- * @see \piko\Controller::runAction()
- */
- public function runAction($id)
- {
- assert($this->module instanceof \app\modules\user\Module);
+ $this->on(BeforeActionEvent::class, function () {
+ $module = $this->module;
+ assert($module instanceof Module);
 
- if (!$this->user->can($this->module->adminRole)) {
- throw new HttpException('Not authorized.', 403);
- }
-
- return parent::runAction($id);
+ if (!$this->user->can($module->adminRole)) {
+ throw new HttpException(403, 'Not authorized.');
+ }
+ });
 }
 
 /**
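Review bot: The `assert($module instanceof Module)` ahead of the role check in the second hunk is not a runtime guard, because PHP skips assertions when `zend.assertions` is disabled, as it usually is in production; the listener would then read `adminRole` from whatever `$this->module` holds, and what `can()` does with a missing value is not visible here. Since this closure is now the only gate on the admin actions, it should fail closed by folding the type test into the condition: `if (!$module instanceof Module || !$this->user->can($module->adminRole)) {`. The check also now depends on `BeforeActionEvent` being dispatched before every action and on the thrown `HttpException` propagating out of the listener, neither of which this hunk shows, so a test asserting that a non-admin request to each action gets a 403 would pin that behaviour. The method that registers the listener begins outside the hunk.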