github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2024-12-11 21:43:38 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Don't let users view discussions without permission

Browse Source 
closes #599
This commit is contained in:
Toby Zerner 2015-10-22 21:52:15 +10:30
parent 73c02f66e7
commit d6691e6299
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
framework/core/src/Core/Access/DiscussionPolicy.php
View File

@ -69,7 +69,9 @@ class DiscussionPolicy extends AbstractPolicy
*/
public function find(User $actor, Builder $query)
{
if (! $actor->hasPermission('discussion.hide')) {
if (! $actor->hasPermission('viewDiscussions')) {
$query->whereRaw('FALSE');
} elseif (! $actor->hasPermission('discussion.hide')) {
$query->where(function ($query) use ($actor) {
$query->whereNull('discussions.hide_time')
->where('comments_count', '>', 0)