mirror_php/humhub
1
0
Fork 0
mirror of https://github.com/humhub/humhub.git synced 2025-01-17 14:18:27 +01:00
Code Issues Projects Releases Wiki Activity

Fix #3873: Invalid visibility handling in Content::canView() for private global content

Browse Source
This commit is contained in:
buddh4 2020-02-19 18:03:29 +01:00
parent e4a358b308
commit 4320e4764c
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
protected/humhub/docs/CHANGELOG_DEV.md
View File

@ -8,4 +8,4 @@ HumHub Change Log (DEVELOP)
- Enh #3858: Support SameSite cookies
- Fix #3861: Improved warning details when auto delete inconsistent notification
- Enh: Added gradient to `ui.showMore` feature
- Enh:
- Fix #3873: Invalid visibility handling in `Content::canView()` for private global content

7
protected/humhub/modules/content/models/Content.php
View File

@ -749,7 +749,12 @@ class Content extends ActiveRecord implements Movable, ContentOwner
$user = User::findOne(['id' => $user]);
}
// User cann access own content
// Check global content visibility, private global content is visible for all users
if(empty($this->contentcontainer_id) && !Yii::$app->user->isGuest) {
return true;
}
// User can access own content
if ($user !== null && $this->created_by == $user->id) {
return true;
}