projects / GitHub / WoltLab / WCF.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8bdf1f8)
Suppress user popover when user may not view profiles
authorAlexander Ebert <ebert@woltlab.com>
Sun, 30 Apr 2017 17:57:24 +0000 (19:57 +0200)
committerAlexander Ebert <ebert@woltlab.com>
Sun, 30 Apr 2017 17:57:24 +0000 (19:57 +0200)
See #2263

com.woltlab.wcf/templates/headIncludeJavaScript.tpl patch | blob | blame | history
wcfsetup/install/files/js/WoltLabSuite/Core/BootstrapFrontend.js patch | blob | blame | history
wcfsetup/install/files/lib/data/user/UserProfileAction.class.php patch | blob | blame | history

diff --git a/com.woltlab.wcf/templates/headIncludeJavaScript.tpl b/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
index 62c44a6b03493e58a70dca5e9022250afb1cb6da..7480ccced1bb454e2e62be7cf6282645c80350e1 100644 (file)
--- a/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
+++ b/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
@@ -118,6 +118,7 @@ requirejs.config({
                                url: '{link controller="BackgroundQueuePerform"}{/link}',
                                force: {if $forceBackgroundQueuePerform|isset}true{else}false{/if}
                        },
+                       enableUserPopover: {if $__wcf->getSession()->getPermission('user.profile.canViewUserProfile')}true{else}false{/if},
                        styleChanger: {if $__wcf->getStyleHandler()->showStyleChanger()}true{else}false{/if}
                });
                
diff --git a/wcfsetup/install/files/js/WoltLabSuite/Core/BootstrapFrontend.js b/wcfsetup/install/files/js/WoltLabSuite/Core/BootstrapFrontend.js
index 801fc597a10dea032f4644a6b8d9833655fc8c6e..3cf345d080e52501397f6765d850d3fc027307b4 100644 (file)
--- a/wcfsetup/install/files/js/WoltLabSuite/Core/BootstrapFrontend.js
+++ b/wcfsetup/install/files/js/WoltLabSuite/Core/BootstrapFrontend.js
@@ -41,7 +41,10 @@ define(
                                ControllerStyleChanger.setup();
                        }
                        
-                       this._initUserPopover();
+                       if (options.enableUserPopover) {
+                               this._initUserPopover();
+                       }
+                       
                        this._invokeBackgroundQueue(options.backgroundQueue.url, options.backgroundQueue.force);
                        
                        UiUserIgnore.init();
diff --git a/wcfsetup/install/files/lib/data/user/UserProfileAction.class.php b/wcfsetup/install/files/lib/data/user/UserProfileAction.class.php
index 79a005eb63d69e4760a9e5457ac2057c4e89aa47..35c7d5c4596365562c0f3bde07aec66efc182bc6 100644 (file)
--- a/wcfsetup/install/files/lib/data/user/UserProfileAction.class.php
+++ b/wcfsetup/install/files/lib/data/user/UserProfileAction.class.php
@@ -77,6 +77,8 @@ class UserProfileAction extends UserAction {
         * Validates user profile preview.
         */
        public function validateGetUserProfile() {
+               WCF::getSession()->checkPermissions(['user.profile.canViewUserProfile']);
+               
                if (count($this->objectIDs) != 1) {
                        throw new UserInputException('objectIDs');
                }
WoltLab Suite Core (previously WoltLab Community Framework)