aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-03-06 15:33:10 -0800
committerzotlabs <mike@macgirvin.com>2017-03-06 15:33:10 -0800
commit595cb13d8f2793fcefdc1566715848479460e479 (patch)
treee6e7e635f6253f0bd0e8cd269ff6e21119ab2048 /Zotlabs
parent9e44b0727513d820336cd4c51350d62b13cf8479 (diff)
downloadvolse-hubzilla-595cb13d8f2793fcefdc1566715848479460e479.tar.gz
volse-hubzilla-595cb13d8f2793fcefdc1566715848479460e479.tar.bz2
volse-hubzilla-595cb13d8f2793fcefdc1566715848479460e479.zip
correct fix for wiki anonymous read issue (items_permissions_sql checks item.public_policy which was set for posts, not wikis)
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/NativeWikiPage.php12
1 files changed, 4 insertions, 8 deletions
diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php
index e9f8a32c9..941ade90c 100644
--- a/Zotlabs/Lib/NativeWikiPage.php
+++ b/Zotlabs/Lib/NativeWikiPage.php
@@ -64,6 +64,8 @@ class NativeWikiPage {
$arr['deny_cid'] = $w['wiki']['deny_cid'];
$arr['deny_gid'] = $w['wiki']['deny_gid'];
+ $arr['public_policy'] = map_scope(\Zotlabs\Access\PermissionLimits::Get($channel_id,'view_wiki'),true);
+
// We may wish to change this some day.
$arr['item_unpublished'] = 1;
@@ -232,10 +234,7 @@ class NativeWikiPage {
}
}
- $sql_extra = '';
-
- if($w['wiki']['allow_cid'] || $w['wiki']['allow_gid'] || $w['wiki']['deny_cid'] || $w['wiki']['deny_gid'])
- $sql_extra .= item_permissions_sql($channel_id,$observer_hash);
+ $sql_extra = item_permissions_sql($channel_id,$observer_hash);
if($revision == (-1))
$sql_extra .= " order by revision desc ";
@@ -288,10 +287,7 @@ class NativeWikiPage {
}
}
- $sql_extra = '';
-
- if($w['wiki']['allow_cid'] || $w['wiki']['allow_gid'] || $w['wiki']['deny_cid'] || $w['wiki']['deny_gid'])
- $sql_extra .= item_permissions_sql($channel_id,$observer_hash);
+ $sql_extra = item_permissions_sql($channel_id,$observer_hash);
$sql_extra .= " order by revision desc ";