HasAccess function return false if a user have multiple roles and different permission about sentinel HOT 8 CLOSED

Are you trying to use the hasAccess method to determine if the user has the cus_prm role set?

Or are you using the hasAccess to determine if one of the roles permissions are allowed?

From what you wrote, seems the first one, but i don't know exactly what you're trying to achieve as the steps to reproduce is unclear.

from sentinel.

Or are you using the hasAccess to determine if one of the roles permissions are allowed?

yes.

the user have cus_prm and customer roles. I want to check if the cus_prm is allowed to access the team.index. team.show URI and customer not allowed to access the URIs

from sentinel.

Ok, i think the "issue" is that, if one of those permissions are denied, Sentinel will use those, which is by default.

You can change the behaviour, but you need to implement your permissions logic by creating a Permissions class and tell Sentinel to use it on the config file or at runtime (should work too) or set those specific permissions at user level.

Don't believe it's a bug or an issue, it's a design feature more or less for security.

from sentinel.

Ok. Understood. But It will be better if we can specify which role to be considered for checking the permission on the hasAccess method.

from sentinel.

Don't believe that's possible/doable on default behavior, you probably need to create your own logic for this.

from sentinel.

Okay.

from sentinel.

We are open to pull requests, so you're more than welcomed to submit a pull request that adds such functionality if you feel like it :)

from sentinel.

We are open to pull requests, so you're more than welcomed to submit a pull request that adds such functionality if you feel like it :)

Okay

from sentinel.