From ff31aff5c2418277fd0c40bf87cb0ee44ef02249 Mon Sep 17 00:00:00 2001
From: Josh Panter <joshu@unfettered.net>
Date: Tue, 28 Dec 2021 19:51:25 -0500
Subject: [PATCH] fix #34 (default role overides role assignment at times)

---
 README.md              |  1 +
 authMgrPlus/plugin.php | 37 ++++++++++++++++++++++++++-----------
 2 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 018ed4b..6294ebd 100644
--- a/README.md
+++ b/README.md
@@ -27,6 +27,7 @@ Installation
 1. Copy the `authMgrPlus` folder into your `user/plugins` folder for YOURLS.
 1. Set up some parameters for authMgrPlus (details below)
 1. Activate the plugin with the plugin manager in the YOURLS admin interface.
+1. If you have pre-existing links in your database, you will have to manually asign them a user via an sql querry.
 
 Default Roles
 -------------
diff --git a/authMgrPlus/plugin.php b/authMgrPlus/plugin.php
index 8e148ad..a59ffe7 100644
--- a/authMgrPlus/plugin.php
+++ b/authMgrPlus/plugin.php
@@ -268,11 +268,14 @@ function amp_have_capability( $capability ) {
 		// List capabilities of particular user role
 		$user = defined('YOURLS_USER') ? YOURLS_USER : NULL;
 		$user_caps = array();
-		foreach ( $amp_role_capabilities as $rolename => $rolecaps ) {
-				if ( amp_user_has_role( $user, $rolename ) ) {
-						$user_caps = array_merge( $user_caps, $rolecaps );
-				}
-		}
+		if ( amp_user_is_assigned ( $user ) )
+		    foreach ( $amp_role_capabilities as $rolename => $rolecaps )
+		        if ( amp_user_has_role( $user, $rolename ) )
+				    $user_caps = array_merge( $user_caps, $rolecaps );
+		
+		elseif ( isset( $amp_default_role )  && in_array ($amp_default_role, array_keys( $amp_role_capabilities ) ) )
+		    $user_caps = $amp_role_capabilities [ $amp_default_role ];
+		
 		$user_caps = array_unique( $user_caps );
 		// Is the requested capability in this list?
 		$return =  in_array( $capability, $user_caps );
@@ -287,15 +290,27 @@ function amp_have_capability( $capability ) {
 				break;
 		}
 	}
-	if( !$return ) {
-	    if ( isset( $amp_default_role )  && in_array ($amp_default_role, array_keys( $amp_role_capabilities ) ) ) {
-		$default_caps = $amp_role_capabilities [ $amp_default_role ];
-		$return =  in_array( $capability, $default_caps );
-	    }
-	}
+
 	return $return;
 }
 
+// Determine if a user has been assigned a role
+function amp_user_is_assigned ( $username ) {
+
+    global $amp_role_assignment;
+    if ( empty( $amp_role_assignment ) )
+	    return false;
+	    
+	$return = false;
+	
+    foreach ( $amp_role_assignment as $role )
+        if ( in_array( $username, $role ) ) {
+            $return = true;
+            break;
+        }
+    return $return;
+}
+
 // Determine whether a specific user has a role.
 function amp_user_has_role( $username, $rolename ) {