lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Fixing that when editing blog posts permissions were mistakenly checked for the blog instead of the post

Browse Source
This commit is contained in:
Lombiq
2016-01-06 14:49:57 +01:00
parent c642bc0174
commit 79b0b809ca
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Orchard.Web/Modules/Orchard.Blogs/Controllers/BlogPostAdminController.cs
View File

@@ -44,7 +44,7 @@ namespace Orchard.Blogs.Controllers {
var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost"); var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost");
blogPost.BlogPart = blog; blogPost.BlogPart = blog;
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blog, T("Not allowed to create blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blogPost, T("Not allowed to create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
var model = Services.ContentManager.BuildEditor(blogPost); var model = Services.ContentManager.BuildEditor(blogPost);
@@ -76,7 +76,7 @@ namespace Orchard.Blogs.Controllers {
var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost"); var blogPost = Services.ContentManager.New<BlogPostPart>("BlogPost");
blogPost.BlogPart = blog; blogPost.BlogPart = blog;
if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blog, T("Couldn't create blog post"))) if (!Services.Authorizer.Authorize(Permissions.EditBlogPost, blogPost, T("Couldn't create blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
Services.ContentManager.Create(blogPost, VersionOptions.Draft); Services.ContentManager.Create(blogPost, VersionOptions.Draft);
@@ -88,7 +88,7 @@ namespace Orchard.Blogs.Controllers {
} }
if (publish) { if (publish) {
if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, blog.ContentItem, T("Couldn't publish blog post"))) if (!Services.Authorizer.Authorize(Permissions.PublishBlogPost, blogPost.ContentItem, T("Couldn't publish blog post")))
return new HttpUnauthorizedResult(); return new HttpUnauthorizedResult();
Services.ContentManager.Publish(blogPost.ContentItem); Services.ContentManager.Publish(blogPost.ContentItem);