Check if permissions are enabled before enforcing them

cicnavi · cicnavi · commit 960c31987910 · 2025-04-29T10:18:55.000+02:00
diff --git a/src/Services/AuthContextService.php b/src/Services/AuthContextService.php
@@ -31,11 +31,6 @@ public function __construct(
     ) {
     }
 
-    public function isSspAdmin(): bool
-    {
-        return $this->sspBridge->utils()->auth()->isAdmin();
-    }
-
     /**
      * @throws \SimpleSAML\Error\Exception
      * @throws \Exception
@@ -57,8 +52,6 @@ public function getAuthUserId(): string
      */
     public function requirePermission(string $neededPermission): void
     {
-        $auth = $this->authenticate();
-
         $permissions = $this->moduleConfig
             ->config()
             ->getOptionalConfigItem(ModuleConfig::OPTION_ADMIN_UI_PERMISSIONS, null);
@@ -69,6 +62,9 @@ public function requirePermission(string $neededPermission): void
         if (!$permissions->hasValue($neededPermission)) {
             throw new RuntimeException('No permission defined for ' . $neededPermission);
         }
+
+        $auth = $this->authenticate();
+
         $attributeName = $permissions->getString('attribute');
         /** @var string[] $entitlements */
         $entitlements = $auth->getAttributes()[$attributeName] ?? [];
