X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/b9a58859a4ef14b7971ca7d07318e1ac6f276b40..refs/pull/3391/head:/app/Auth/User.php

diff --git a/app/Auth/User.php b/app/Auth/User.php
index dc28aa9b7..4e2183244 100644
--- a/app/Auth/User.php
+++ b/app/Auth/User.php
@@ -72,22 +72,20 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     protected $hidden = [
         'password', 'remember_token', 'system_name', 'email_confirmed', 'external_auth_id', 'email',
-        'created_at', 'updated_at', 'image_id',
+        'created_at', 'updated_at', 'image_id', 'roles', 'avatar', 'user_id',
     ];
 
     /**
      * This holds the user's permissions when loaded.
-     *
-     * @var ?Collection
      */
-    protected $permissions;
+    protected ?Collection $permissions;
 
     /**
      * This holds the default user when loaded.
      *
      * @var null|User
      */
-    protected static $defaultUser = null;
+    protected static ?User $defaultUser = null;
 
     /**
      * Returns the default public user.
@@ -146,7 +144,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      */
     public function attachDefaultRole(): void
     {
-        $roleId = setting('registration-role');
+        $roleId = intval(setting('registration-role'));
         if ($roleId && $this->roles()->where('id', '=', $roleId)->count() === 0) {
             $this->roles()->attach($roleId);
         }
@@ -178,7 +176,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
             ->leftJoin('permission_role', 'ru.role_id', '=', 'permission_role.role_id')
             ->leftJoin('role_permissions', 'permission_role.permission_id', '=', 'role_permissions.id')
             ->where('ru.user_id', '=', $this->id)
-            ->get()
             ->pluck('name');
 
         return $this->permissions;