Fix the access rules complience bug.

Author: dadish

src/Config.php

@@ -9,8 +9,23 @@
 
 class Config extends WireData {
 
+  /**
+   * Shortcut for our ProcessGraphQL module
+   * @var \ProcessWire\ProcessGraphQL
+   */
   protected $module;
 
+  /**
+   * Maps permission names into template access roles properties.
+   * @var array
+   */
+  protected $permissionToRoles = [
+    'page-view' => 'roles',
+    'page-edit' => 'editRoles',
+    'page-add' => 'addRoles',
+    'page-create' => 'createRoles',
+  ];
+
   public function __construct(ProcessGraphQL $module)
   {
     $this->module = $module;
@@ -72,7 +87,7 @@ protected function getLegalTemplatesForPermission($permission = 'page-view')
     // permissions
     if (Utils::moduleConfig()->grantTemplatesAccess) {
       foreach ($templates as $template) {
-        if ($template->useRoles && !$user->hasTemplatePermission($permission, $template)) {
+        if ($template->useRoles && !$this->hasTemplatePermission($permission, $user, $template)) {
           $templates->remove($template);
         }
       }
@@ -82,7 +97,7 @@ protected function getLegalTemplatesForPermission($permission = 'page-view')
     } else {
       $templates->filter("useRoles=1");
       foreach ($templates as $template) {
-        if (!$user->hasTemplatePermission($permission, $template)) {
+        if (!$this->hasTemplatePermission($permission, $user, $template)) {
           $templates->remove($template);
         }
       }
@@ -91,6 +106,24 @@ protected function getLegalTemplatesForPermission($permission = 'page-view')
     return $templates;
   }
 
+  /**
+   * Checks if the user has a particular permission on the given template
+   * @param  string   $name     The name of the permission. E.g. 'page-view', 'page-add'.
+   * @param  User     $user     The ProcessWire User
+   * @param  Template $template The ProcessWire Template
+   * @return boolean            Returns true if user has a permission on the target template and false otherwise
+   */
+  protected function hasTemplatePermission($name, \ProcessWire\User $user, \ProcessWire\Template $template)
+  {
+    $rolesName = $this->permissionToRoles[$name];
+    $templateRoles = $template->$rolesName;
+    if ($name === 'page-view') $templateRoles = $templateRoles->explode('id');
+    foreach ($user->roles as $role) {
+      if (in_array($role->id, $templateRoles)) return true;
+    }
+    return false;
+  }
+
   /**
    * Page cannot be created without it's required field
    * populated with value. Therefore only templates that