mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-07-25 02:31:17 +02:00
Code Issues Releases Wiki Activity

Check permission through the gate rather than directly on the actor

Browse Source
This commit is contained in:
Toby Zerner
2016-01-16 13:57:05 +10:30
parent f55aa4502c
commit 883feb5b69
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
framework/core/src/Core/Access/DiscussionPolicy.php
View File

@@ -69,7 +69,7 @@ class DiscussionPolicy extends AbstractPolicy
*/
public function find(User $actor, Builder $query)
{
if (! $actor->hasPermission('viewDiscussions')) {
if ($actor->cannot('viewDiscussions')) {
$query->whereRaw('FALSE');
} elseif (! $actor->hasPermission('discussion.hide')) {
$query->where(function ($query) use ($actor) {