HandlerPageView: Prevent viewing older revisions if not allowed

Este commit está contenido en:
Albert S. 2020-09-21 21:44:26 +02:00
padre d974d4bfb6
commit 5abaaf67d0

Ver fichero

@ -90,6 +90,10 @@ Response HandlerPageView::handleRequest(PageDao &pageDao, std::string pagename,
{
if(revisionid > 0)
{
if(!effectivePermissions(pagename).canSeePageHistory())
{
return errorResponse("Error", "You are not allowed to view older revisions of this page");
}
revision = this->database->createRevisionDao()->getRevisionForPage(pagename, revisionid);
if(!revision)
{