-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ENH Check canViewFile permissions before automatically grant access #517
ENH Check canViewFile permissions before automatically grant access #517
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's some broken unit tests in CI - however they relate to this #518 (comment)
Did you identify any content editing experiences that are likely to break because of this change?
src/File.php
Outdated
if ($this->File->canViewFile()) { | ||
$grant = true; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if ($this->File->canViewFile()) { | |
$grant = true; | |
} | |
if (!$grant && $this->canView()) { | |
$grant = true; | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there any reason why we'd use $this->File->canViewFile()
over regular $this->canView()
?
We should also perform a !$grant
check first to prevent unnecessary logic
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
DONE
src/File.php
Outdated
if ($this->File->canViewFile()) { | ||
$grant = true; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if ($this->File->canViewFile()) { | |
$grant = true; | |
} | |
if (!$grant && $this->canView()) { | |
$grant = true; | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
DONE
cd8ff01
to
31902b2
Compare
…access to the file
31902b2
to
79c394a
Compare
@sabina-talipova Did you identify any content editing experiences that are likely to break because of this change? |
@emteknetnz , I did a few tests in Page section, Submission section on UserFormPage and Files section. And I also tested DRAFT content on Published and Unpublished pages. I haven't found any problem with Content or UI. |
Description
Add condition to check if user has access to view the file and only then give him a session grant access to the file.
Parent Issue