1 files changed, 21 insertions, 7 deletions

diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm
index 363bbb930..2a2d0d5e3 100644
--- a/perllib/FixMyStreet/DB/Result/User.pm
+++ b/perllib/FixMyStreet/DB/Result/User.pm
@@ -257,15 +257,14 @@ sub permissions {
 }
 
 sub has_permission_to {
-    my ($self, $permission_type, $body_id) = @_;
+    my ($self, $permission_type, $body_ids) = @_;
 
     return 1 if $self->is_superuser;
+    return 0 unless $body_ids;
 
-    return 0 unless $self->belongs_to_body($body_id);
-
-    my $permission = $self->user_body_permissions->find({ 
+    my $permission = $self->user_body_permissions->find({
             permission_type => $permission_type,
-            body_id => $self->from_body->id,
+            body_id => $body_ids,
         });
     return $permission ? 1 : 0;
 }
@@ -293,10 +292,25 @@ sub has_body_permission_to {
     return $self->has_permission_to($permission_type, $self->from_body->id);
 }
 
+=head2 admin_user_body_permissions
+
+Some permissions aren't managed in the normal way via the admin, e.g. the
+'trusted' permission. This method returns a query that excludes such exceptional
+permissions.
+
+=cut
+
+sub admin_user_body_permissions {
+    my $self = shift;
+
+    return $self->user_body_permissions->search({
+        permission_type => { '!=' => 'trusted' },
+    });
+}
+
 sub contributing_as {
     my ($self, $other, $c, $bodies) = @_;
-    $bodies = join(',', keys %$bodies) if ref $bodies eq 'HASH';
-    $c->log->error("Bad data $bodies passed to contributing_as") if ref $bodies;
+    $bodies = [ keys %$bodies ] if ref $bodies eq 'HASH';
     my $form_as = $c->get_param('form_as') || '';
     return 1 if $form_as eq $other && $self->has_permission_to("contribute_as_$other", $bodies);
 }