Awaiting feedback hasAdminPermission should check if permission exists for super admin

[XFA]

Affected version

2.X

I am not sure if this could be considered as a bug or rather a suggestion.

If an admin permission is not defined, e.g. because corresponding add-on is not installed, hasAdminPermission should evaluate as false, even for super admins.

 

[Jeremy P]

Can you expand on the use case? Super-admins should pass all permission checks. If you depend on another add-on for a permission to exist, it should be required in addon.json or checked via \XF::isAddOnActive(...) (PHP) or is_addon_active(...) (templates).

 

[XFA]

The use case was for admin navigation.

In admin navigation when you develop an add-on, you can define admin navigation based on some admin permission, which get correctly exported.

However, when the user installs the add-on, the navigation for those admin permissions that belongs to non installed add-ons return true and the navigation link is displayed, I would have expected it not to display (i.e. field does not exist => false returned).

The add-on being installed is not a strict requirement so I wouldn't be putting it the addon json and you can't check those permissions with isAddOnActive or is_addon_active.

Hope it clarifies.