wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

don't show notices to out-of-scope viewers

Browse Source
This commit is contained in:
Evan Prodromou 2011-03-28 22:21:41 -04:00
parent e862dcdb8a
commit 7b8fc701e0
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
actions/shownotice.php
View File

@ -79,7 +79,7 @@ class ShownoticeAction extends OwnerDesignAction
$id = $this->arg('notice'); $id = $this->arg('notice');
$this->notice = Notice::staticGet($id); $this->notice = Notice::staticGet('id', $id);
if (empty($this->notice)) { if (empty($this->notice)) {
// Did we used to have it, and it got deleted? // Did we used to have it, and it got deleted?
@ -94,6 +94,18 @@ class ShownoticeAction extends OwnerDesignAction
return false; return false;
} }
$cur = common_current_user();
if (!empty($cur)) {
$curProfile = $cur->getProfile();
} else {
$curProfile = null;
}
if (!$this->notice->inScope($curProfile)) {
throw new ClientException(_('Not available.'), 403);
}
$this->profile = $this->notice->getProfile(); $this->profile = $this->notice->getProfile();
if (empty($this->profile)) { if (empty($this->profile)) {