From 05bf4325f9d3d8f65c0de650f016f5a3ffb0e076 Mon Sep 17 00:00:00 2001
From: Steel Wagstaff <steel@pressbooks.com>
Date: Tue, 17 Dec 2024 16:36:55 -0800
Subject: [PATCH] fix: update permissions for institutional managers

---
 src/Services/PermissionsManager.php | 5 +++++
 src/Support/helpers.php             | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/Services/PermissionsManager.php b/src/Services/PermissionsManager.php
index 2b429e1a..d1d6bd5b 100644
--- a/src/Services/PermissionsManager.php
+++ b/src/Services/PermissionsManager.php
@@ -197,6 +197,11 @@ private function currentUserHasAccess(string $currentPageParam, array $allowedBo
             }
         }
 
+        // Prevent institutional managers from editing pages on the root site
+        if ($currentBlogId === 1 && ($pagenow === 'edit.php' || $pagenow === 'post.php')) {
+            $isAccessAllowed = false;
+        }
+
         return $isAccessAllowed;
     }
 }
diff --git a/src/Support/helpers.php b/src/Support/helpers.php
index e44b9f4b..30dc85e5 100644
--- a/src/Support/helpers.php
+++ b/src/Support/helpers.php
@@ -69,7 +69,8 @@ function get_allowed_pages(): array
         'users.php',
         'export-personal-data.php',
         'erase-personal-data.php',
-        'options-privacy.php'
+        'options-privacy.php',
+        'site-new.php'
     ];
 }