From fa8975cdd943fc59abb191376b0bf02011481dd0 Mon Sep 17 00:00:00 2001
From: Andrew Paxley
Date: Thu, 15 Jun 2023 12:09:35 +1200
Subject: [PATCH] ENH add check for specific user inherited permission
---
 src/File.php | 32 ++++++++++++++++++++++++++++++--
 1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/src/File.php b/src/File.php
index a6dfb855..cd726230 100644
--- a/src/File.php
+++ b/src/File.php
@@ -397,6 +397,14 @@ public function canView($member = null)
 return $member->inGroups($this->ViewerGroups());
 }
+ // Specific users can view this file
+ if ($this->CanViewType === InheritedPermissions::ONLY_THESE_MEMBERS) {
+ if (!$member) {
+ return false;
+ }
+ return \in_array($member->ID, $this->ViewerMembers()->column('ID'), true);
+ }
+
 // Check default root level permissions
 return $this->getPermissionChecker()->canView($this->ID, $member);
 }
@@ -423,10 +431,26 @@ public function canEdit($member = null)
 }
 // Delegate to parent if inheriting permissions
- if ($this->CanEditType === 'Inherit' && $this->ParentID) {
+ if ($this->CanEditType === InheritedPermissions::INHERIT && $this->ParentID) {
 return $this->getPermissionChecker()->canEdit($this->ParentID, $member);
 }
+ // Specific user groups can edit this file
+ if ($this->CanEditType === InheritedPermissions::ONLY_THESE_USERS) {
+ if (!$member) {
+ return false;
+ }
+ return $member->inGroups($this->EditorGroups());
+ }
+
+ // Specific users can edit this file
+ if ($this->CanEditType === InheritedPermissions::ONLY_THESE_MEMBERS) {
+ if (!$member) {
+ return false;
+ }
+ return \in_array($member->ID, $this->EditorMembers()->column('ID'), true);
+ }
+
 // Check inherited permissions
 return $this->getPermissionChecker()->canEdit($this->ID, $member);
 }
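Review bot: The membership test `\in_array($member->ID, $this->ViewerMembers()->column('ID'), true)` in canView loads every viewer ID into PHP and then compares strictly. If `column('ID')` yields the IDs as strings while `$member->ID` is an int (this depends on the database driver and is not visible here), listed members are denied; that fails closed, but the rule is then silently ineffective. Asking the relation directly removes both the type dependence and the full ID load: `return $this->ViewerMembers()->filter('ID', $member->ID)->exists();`. The same expression is used with `EditorMembers()` in the canEdit hunk. canView begins above this hunk, so whatever checks run before this branch are not visible here.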
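Review bot: The new `ONLY_THESE_USERS` branch in canEdit returns `$member->inGroups($this->EditorGroups())` directly, whereas before this commit that type fell through to `getPermissionChecker()->canEdit($this->ID, $member)`. If the checker applies anything beyond group membership (not visible in this hunk), the early return now grants edit on group membership alone, so it should be confirmed that both paths reach the same decision, or the branch should be left to the checker. A comment on the branch such as `// Decided here instead of in the permission checker; must match its ONLY_THESE_USERS handling` would record the intent. The diffstat lists only src/File.php, so none of the three new branches is exercised by a test in this commit. canEdit begins above the hunk.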
@@ -518,7 +542,11 @@ private function hasRestrictedPermissions(File $file): bool
 $id = $file->ID;
 $parentID = $file->ParentID;
 $canViewType = $file->CanViewType;
- if (in_array($canViewType, [InheritedPermissions::LOGGED_IN_USERS, InheritedPermissions::ONLY_THESE_USERS])) {
+ if (in_array($canViewType, [
+ InheritedPermissions::LOGGED_IN_USERS,
+ InheritedPermissions::ONLY_THESE_USERS,
+ InheritedPermissions::ONLY_THESE_MEMBERS,
+ ])) {
 self::$has_restricted_permissions_cache[$id] = true;
 return true;
 }
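Review bot: The `in_array($canViewType, [...])` call in hasRestrictedPermissions still compares loosely, while the `\in_array` calls this commit adds to canView and canEdit pass `true`. Because this result decides whether the file is treated as restricted, the strict form is the safer default and keeps the file consistent: close the call with `], true)) {`. The function body continues past the end of the hunk.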