HandlerPageView: Prevent viewing older revisions if not allowed
Este commit está contenido en:
padre
d974d4bfb6
commit
5abaaf67d0
@ -90,6 +90,10 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
|
||||
{
|
||||
if(revisionid > 0)
|
||||
{
|
||||
if(!effectivePermissions(pagename).canSeePageHistory())
|
||||
{
|
||||
return errorResponse("Error", "You are not allowed to view older revisions of this page");
|
||||
}
|
||||
revision = this->database->createRevisionDao()->getRevisionForPage(pagename, revisionid);
|
||||
if(!revision)
|
||||
{
|
||||
|
Cargando…
Referencia en una nueva incidencia
Block a user