Added manual deleted_at checks (#4051)

Fixes #4046 It is possible that the user model gets fetched using the SoftDelete trait before the relevant migrations were applied during an update. To fix this edge case the user model is always fetched using the withTrashed scope and the deleted_at check is done manually afterwards. @see https://github.com/octobercms/october/issues/3999
2019-01-18 21:42:25 +01:00 · 2019-01-18 21:42:25 +01:00 · 67ee2229a5
parent 7232e7a29d
commit 67ee2229a5
1 changed files with 28 additions and 0 deletions
--- a/modules/backend/classes/AuthManager.php
+++ b/modules/backend/classes/AuthManager.php
@ -162,6 +162,34 @@ class AuthManager extends RainAuthManager
        return $tabs;
    }

+    /**
+     * {@inheritdoc}
+     */
+    protected function createUserModelQuery()
+    {
+        return parent::createUserModelQuery()->withTrashed();
+    }
+
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function validateUserModel($user)
+    {
+        if ( ! $user instanceof $this->userModel) {
+            return false;
+        }
+
+        // Perform the deleted_at check manually since the relevant migrations
+        // might not have been run yet during the update to build 444.
+        // @see https://github.com/octobercms/october/issues/3999
+        if (array_key_exists('deleted_at', $user->getAttributes()) && $user->deleted_at !== null) {
+            return false;
+        }
+
+        return $user;
+    }
+
    /**
     * Returns an array of registered permissions belonging to a given role code
     * @param string $role