From: Dan Brown <redacted>
Date: Fri, 14 Oct 2022 15:03:06 +0000 (+0100)
Subject: Fixed permission row permission check
X-Git-Tag: v22.10~1^2~11^2^2
X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/refs/pull/3760/head?ds=sidebyside

Fixed permission row permission check
---

diff --git a/app/Http/Controllers/PermissionsController.php b/app/Http/Controllers/PermissionsController.php
index 9d50b834b..7d908733b 100644
--- a/app/Http/Controllers/PermissionsController.php
+++ b/app/Http/Controllers/PermissionsController.php
@@ -160,7 +160,7 @@ class PermissionsController extends Controller
      */
     public function formRowForRole(string $entityType, string $roleId)
     {
-        $this->checkPermissionOr('restrictions-manage', fn() => userCan('restrictions-manage-all'));
+        $this->checkPermissionOr('restrictions-manage-all', fn() => userCan('restrictions-manage-own'));
 
         $role = Role::query()->findOrFail($roleId);