From 2bfec0df03f7db41a6c77eafc6bd4db49c42af23 Mon Sep 17 00:00:00 2001
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com>
Date: Tue, 24 Jan 2023 20:47:32 +0100
Subject: [PATCH] force admin status everywhere on ManagerUser Controller

---
 Controllers/ManageUserController.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php
index 8c7d7ed..8c88ad6 100644
--- a/Controllers/ManageUserController.php
+++ b/Controllers/ManageUserController.php
@@ -5,12 +5,15 @@ final class ManageUserController
 
     public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
     {
+        Session::admin_or_die();
+        
         self::searchAction($A_urlParams, $A_postParams, $A_getParams);
     }
 
     public function searchAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
     {
         Session::admin_or_die();
+
         if (isset($A_getParams["query"])) {
             self::searchQueryViewAction($A_urlParams, $A_postParams, $A_getParams);
         } else {
@@ -20,11 +23,15 @@ final class ManageUserController
     
     private function searchViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
     {
+        Session::admin_or_die();
+
         View::show("manageUser/manage_users", array("QUERY" => null));
     }
     
     private function searchQueryViewAction(Array $A_urlParams = null, Array $A_postParams = null, Array $A_getParams = null)
     {
+        Session::admin_or_die();
+
         $S_query = $A_getParams["query"];
 
         $A_results = UserModel::searchUsers($S_query);