crtxcr
/
qswiki
1
0
Fork 0
Code Issues 21 Pull Requests 1 Releases Activity

HandlerPageView: Prevent viewing older revisions if not allowed

This commit is contained in:
Albert S. 2020-09-21 21:44:26 +02:00
parent d974d4bfb6
commit 5abaaf67d0
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
handlers/handlerpageview.cpp
View File

@ -90,6 +90,10 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
{
if(revisionid > 0)
{
if(!effectivePermissions(pagename).canSeePageHistory())
{
return errorResponse("Error", "You are not allowed to view older revisions of this page");
}
revision = this->database->createRevisionDao()->getRevisionForPage(pagename, revisionid);
if(!revision)
{