HandlerPageView: Add misisng check whether passed revision is most recent
This commit is contained in:
parent
e4562809a0
commit
2aa11fc2b2
@ -92,7 +92,11 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
|
|||||||
{
|
{
|
||||||
if(!effectivePermissions(pagename).canSeePageHistory())
|
if(!effectivePermissions(pagename).canSeePageHistory())
|
||||||
{
|
{
|
||||||
return errorResponse("Error", "You are not allowed to view older revisions of this page");
|
auto current = this->database->createRevisionDao()->getCurrentForPage(pagename);
|
||||||
|
if(current && current->revision > revisionid)
|
||||||
|
{
|
||||||
|
return errorResponse("Error", "You are not allowed to view older revisions of this page");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
revision = this->database->createRevisionDao()->getRevisionForPage(pagename, revisionid);
|
revision = this->database->createRevisionDao()->getRevisionForPage(pagename, revisionid);
|
||||||
if(!revision)
|
if(!revision)
|
||||||
|
Loading…
Reference in New Issue
Block a user