Fix: ControllerAccess json rule

Fix: Compatibility with old empty rule acl behavior

protected/humhub/components/access/ControllerAccess.php

@@ -326,7 +326,7 @@ class ControllerAccess extends Object
     /**
      * @return bool makes sure the response type is json
      */
-    public function validateJson()
+    public function validateJsonResponse()
     {
         Yii::$app->response->format = 'json';
         return true;

protected/humhub/components/behaviors/AccessControl.php

@@ -56,7 +56,7 @@ class AccessControl extends \yii\base\ActionFilter
      *
      * @var array
      */
-    public $rules = [];
+    public $rules = null;
 
     /**
      * Action ids which are allowed when Guest Mode is enabled
@@ -133,14 +133,19 @@ class AccessControl extends \yii\base\ActionFilter
      *
      * @return ControllerAccess
      */
-    protected function getControllerAccess($rules = [])
+    protected function getControllerAccess($rules = null)
     {
+        if($rules === null) {
+            $rules = [['strict']];
+        }
+
         $instance = null;
         if(method_exists($this->owner, 'getAccess')) {
             $instance = $this->owner->getAccess();
         }
 
         if(!$instance) {
+            // fixes legacy behavior settings compatibility issue with no rules given
             $instance = new ControllerAccess();
         }
 

protected/humhub/docs/CHANGELOG.md

@@ -16,7 +16,7 @@ Important note for LDAP users: There is a new setting "ID Attribute" which shoul
 - Enh: Added possibility to sort groups in directory
 - Enh: Removed LDAP UserFilter/LoginFilter length restriction
 - Fix: UTC timezone issue with `TimeZoneDropdownAddition` and added `$includeUTC` flag to `TimezoneHelper::generateList()`
-
+- Fix: ControllerAccess json rule
 
 1.2.2  (August 2, 2017)
 --------------------------------